Adding initial kubevirt support

2024-04-15 16:18:28 +02:00
parent 05ce097727
commit 32bc211cb6
136 changed files with 42922 additions and 227 deletions

File diff suppressed because one or more lines are too long


@@ -0,0 +1,625 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: dataimportcrons.cdi.kubevirt.io
spec:
conversion:
strategy: None
group: cdi.kubevirt.io
names:
categories:
- all
kind: DataImportCron
listKind: DataImportCronList
plural: dataimportcrons
shortNames:
- dic
- dics
singular: dataimportcron
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: DataImportCron defines a cron job for recurring polling/importing disk images as PVCs into a golden image namespace
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DataImportCronSpec defines specification for DataImportCron
properties:
garbageCollect:
description: GarbageCollect specifies whether old PVCs should be cleaned up after a new PVC is imported. Options are currently "Outdated" and "Never", defaults to "Outdated".
type: string
importsToKeep:
description: Number of import PVCs to keep when garbage collecting. Default is 3.
format: int32
type: integer
managedDataSource:
description: ManagedDataSource specifies the name of the corresponding DataSource this cron will manage. DataSource has to be in the same namespace.
type: string
retentionPolicy:
description: RetentionPolicy specifies whether the created DataVolumes and DataSources are retained when their DataImportCron is deleted. Default is RatainAll.
type: string
schedule:
description: Schedule specifies in cron format when and how often to look for new imports
type: string
template:
description: Template specifies template for the DVs to be created
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DataVolumeSpec defines the DataVolume type specification
properties:
checkpoints:
description: Checkpoints is a list of DataVolumeCheckpoints, representing stages in a multistage import.
items:
description: DataVolumeCheckpoint defines a stage in a warm migration.
properties:
current:
description: Current is the identifier of the snapshot created for this checkpoint.
type: string
previous:
description: Previous is the identifier of the snapshot from the previous checkpoint.
type: string
required:
- current
- previous
type: object
type: array
contentType:
description: 'DataVolumeContentType options: "kubevirt", "archive"'
enum:
- kubevirt
- archive
type: string
finalCheckpoint:
description: FinalCheckpoint indicates whether the current DataVolumeCheckpoint is the final checkpoint.
type: boolean
preallocation:
description: Preallocation controls whether storage for DataVolumes should be allocated in advance.
type: boolean
priorityClassName:
description: PriorityClassName for Importer, Cloner and Uploader pod
type: string
pvc:
description: PVC is the PVC specification
properties:
accessModes:
description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.'
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
required:
- kind
- name
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
namespace:
description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
type: string
required:
- kind
- name
type: object
resources:
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
claims:
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
name:
description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
description: selector is a label query over volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
type: string
volumeName:
description: volumeName is the binding reference to the PersistentVolume backing this claim.
type: string
type: object
source:
description: Source is the src of the data for the requested DataVolume
properties:
blank:
description: DataVolumeBlankImage provides the parameters to create a new raw blank image for the PVC
type: object
gcs:
description: DataVolumeSourceGCS provides the parameters to create a Data Volume from an GCS source
properties:
secretRef:
description: SecretRef provides the secret reference needed to access the GCS source
type: string
url:
description: URL is the url of the GCS source
type: string
required:
- url
type: object
http:
description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional basic auth user name and password, and an optional configmap containing additional CAs
properties:
certConfigMap:
description: CertConfigMap is a configmap reference, containing a Certificate Authority(CA) public key, and a base64 encoded pem certificate
type: string
extraHeaders:
description: ExtraHeaders is a list of strings containing extra headers to include with HTTP transfer requests
items:
type: string
type: array
secretExtraHeaders:
description: SecretExtraHeaders is a list of Secret references, each containing an extra HTTP header that may include sensitive information
items:
type: string
type: array
secretRef:
description: SecretRef A Secret reference, the secret should contain accessKeyId (user name) base64 encoded, and secretKey (password) also base64 encoded
type: string
url:
description: URL is the URL of the http(s) endpoint
type: string
required:
- url
type: object
imageio:
description: DataVolumeSourceImageIO provides the parameters to create a Data Volume from an imageio source
properties:
certConfigMap:
description: CertConfigMap provides a reference to the CA cert
type: string
diskId:
description: DiskID provides id of a disk to be imported
type: string
secretRef:
description: SecretRef provides the secret reference needed to access the ovirt-engine
type: string
url:
description: URL is the URL of the ovirt-engine
type: string
required:
- diskId
- url
type: object
pvc:
description: DataVolumeSourcePVC provides the parameters to create a Data Volume from an existing PVC
properties:
name:
description: The name of the source PVC
type: string
namespace:
description: The namespace of the source PVC
type: string
required:
- name
- namespace
type: object
registry:
description: DataVolumeSourceRegistry provides the parameters to create a Data Volume from an registry source
properties:
certConfigMap:
description: CertConfigMap provides a reference to the Registry certs
type: string
imageStream:
description: ImageStream is the name of image stream for import
type: string
pullMethod:
description: PullMethod can be either "pod" (default import), or "node" (node docker cache based import)
type: string
secretRef:
description: SecretRef provides the secret reference needed to access the Registry source
type: string
url:
description: 'URL is the url of the registry source (starting with the scheme: docker, oci-archive)'
type: string
type: object
s3:
description: DataVolumeSourceS3 provides the parameters to create a Data Volume from an S3 source
properties:
certConfigMap:
description: CertConfigMap is a configmap reference, containing a Certificate Authority(CA) public key, and a base64 encoded pem certificate
type: string
secretRef:
description: SecretRef provides the secret reference needed to access the S3 source
type: string
url:
description: URL is the url of the S3 source
type: string
required:
- url
type: object
snapshot:
description: DataVolumeSourceSnapshot provides the parameters to create a Data Volume from an existing VolumeSnapshot
properties:
name:
description: The name of the source VolumeSnapshot
type: string
namespace:
description: The namespace of the source VolumeSnapshot
type: string
required:
- name
- namespace
type: object
upload:
description: DataVolumeSourceUpload provides the parameters to create a Data Volume by uploading the source
type: object
vddk:
description: DataVolumeSourceVDDK provides the parameters to create a Data Volume from a Vmware source
properties:
backingFile:
description: BackingFile is the path to the virtual hard disk to migrate from vCenter/ESXi
type: string
initImageURL:
description: InitImageURL is an optional URL to an image containing an extracted VDDK library, overrides v2v-vmware config map
type: string
secretRef:
description: SecretRef provides a reference to a secret containing the username and password needed to access the vCenter or ESXi host
type: string
thumbprint:
description: Thumbprint is the certificate thumbprint of the vCenter or ESXi host
type: string
url:
description: URL is the URL of the vCenter or ESXi host with the VM to migrate
type: string
uuid:
description: UUID is the UUID of the virtual machine that the backing file is attached to in vCenter/ESXi
type: string
type: object
type: object
sourceRef:
description: SourceRef is an indirect reference to the source of data for the requested DataVolume
properties:
kind:
description: The kind of the source reference, currently only "DataSource" is supported
type: string
name:
description: The name of the source reference
type: string
namespace:
description: The namespace of the source reference, defaults to the DataVolume namespace
type: string
required:
- kind
- name
type: object
storage:
description: Storage is the requested storage specification
properties:
accessModes:
description: 'AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
description: 'This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) * An existing custom resource that implements data population (Alpha) In order to use custom resource types that implement data population, the AnyVolumeDataSource feature gate must be enabled. If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
required:
- kind
- name
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
description: 'Specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
namespace:
description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
type: string
required:
- kind
- name
type: object
resources:
description: 'Resources represents the minimum resources the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
claims:
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
name:
description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
description: A label query over volumes to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
description: 'Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
type: string
volumeName:
description: VolumeName is the binding reference to the PersistentVolume backing this claim.
type: string
type: object
type: object
status:
description: DataVolumeStatus contains the current status of the DataVolume
properties:
claimName:
description: ClaimName is the name of the underlying PVC used by the DataVolume.
type: string
conditions:
items:
description: DataVolumeCondition represents the state of a data volume condition.
properties:
lastHeartbeatTime:
format: date-time
type: string
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
description: DataVolumeConditionType is the string representation of known condition types
type: string
required:
- status
- type
type: object
type: array
phase:
description: Phase is the current phase of the data volume
type: string
progress:
description: DataVolumeProgress is the current progress of the DataVolume transfer operation. Value between 0 and 100 inclusive, N/A if not available
type: string
restartCount:
description: RestartCount is the number of times the pod populating the DataVolume has restarted
format: int32
type: integer
type: object
required:
- spec
type: object
required:
- managedDataSource
- schedule
- template
type: object
status:
description: DataImportCronStatus provides the most recently observed status of the DataImportCron
properties:
conditions:
items:
description: DataImportCronCondition represents the state of a data import cron condition
properties:
lastHeartbeatTime:
format: date-time
type: string
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
description: DataImportCronConditionType is the string representation of known condition types
type: string
required:
- status
- type
type: object
type: array
currentImports:
description: CurrentImports are the imports in progress. Currently only a single import is supported.
items:
description: ImportStatus of a currently in progress import
properties:
DataVolumeName:
description: DataVolumeName is the currently in progress import DataVolume
type: string
Digest:
description: Digest of the currently imported image
type: string
required:
- DataVolumeName
- Digest
type: object
type: array
lastExecutionTimestamp:
description: LastExecutionTimestamp is the time of the last polling
format: date-time
type: string
lastImportTimestamp:
description: LastImportTimestamp is the time of the last import
format: date-time
type: string
lastImportedPVC:
description: LastImportedPVC is the last imported PVC
properties:
name:
description: The name of the source PVC
type: string
namespace:
description: The namespace of the source PVC
type: string
required:
- name
- namespace
type: object
type: object
required:
- spec
type: object
served: true
storage: true


@@ -0,0 +1,137 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.3
operator.cdi.kubevirt.io/lastAppliedConfiguration: '{"kind":"CustomResourceDefinition","apiVersion":"apiextensions.k8s.io/v1","metadata":{"name":"datasources.cdi.kubevirt.io","creationTimestamp":null,"annotations":{"controller-gen.kubebuilder.io/version":"v0.11.3"}},"spec":{"group":"cdi.kubevirt.io","names":{"plural":"datasources","singular":"datasource","shortNames":["das"],"kind":"DataSource","listKind":"DataSourceList","categories":["all"]},"scope":"Namespaced","versions":[{"name":"v1beta1","served":true,"storage":true,"schema":{"openAPIV3Schema":{"description":"DataSource references an import/clone source for a DataVolume","type":"object","required":["spec"],"properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds","type":"string"},"metadata":{"type":"object"},"spec":{"description":"DataSourceSpec defines specification for DataSource","type":"object","required":["source"],"properties":{"source":{"description":"Source is the source of the data referenced by the DataSource","type":"object","properties":{"pvc":{"description":"DataVolumeSourcePVC provides the parameters to create a Data Volume from an existing PVC","type":"object","required":["name","namespace"],"properties":{"name":{"description":"The name of the source PVC","type":"string"},"namespace":{"description":"The namespace of the source PVC","type":"string"}}},"snapshot":{"description":"DataVolumeSourceSnapshot provides the parameters to create a Data Volume from an existing VolumeSnapshot","type":"object","required":["name","namespace"],"properties":{"name":{"description":"The name of the source VolumeSnapshot","type":"string"},"namespace":{"description":"The namespace of the source VolumeSnapshot","type":"string"}}}}}}},"status":{"description":"DataSourceStatus provides the most recently observed status of the DataSource","type":"object","properties":{"conditions":{"type":"array","items":{"description":"DataSourceCondition represents the state of a data source condition","type":"object","required":["status","type"],"properties":{"lastHeartbeatTime":{"type":"string","format":"date-time"},"lastTransitionTime":{"type":"string","format":"date-time"},"message":{"type":"string"},"reason":{"type":"string"},"status":{"type":"string"},"type":{"description":"DataSourceConditionType is the string representation of known condition types","type":"string"}}}},"source":{"description":"Source is the current source of the data referenced by the DataSource","type":"object","properties":{"pvc":{"description":"DataVolumeSourcePVC provides the parameters to create a Data Volume from an existing 
PVC","type":"object","required":["name","namespace"],"properties":{"name":{"description":"The name of the source PVC","type":"string"},"namespace":{"description":"The namespace of the source PVC","type":"string"}}},"snapshot":{"description":"DataVolumeSourceSnapshot provides the parameters to create a Data Volume from an existing VolumeSnapshot","type":"object","required":["name","namespace"],"properties":{"name":{"description":"The name of the source VolumeSnapshot","type":"string"},"namespace":{"description":"The namespace of the source VolumeSnapshot","type":"string"}}}}}}}}}}}]},"status":{"conditions":null,"acceptedNames":{"plural":"","kind":""},"storedVersions":null}}'
generation: 1
labels:
operator.cdi.kubevirt.io/createVersion: v1.57.0
name: datasources.cdi.kubevirt.io
spec:
conversion:
strategy: None
group: cdi.kubevirt.io
names:
categories:
- all
kind: DataSource
listKind: DataSourceList
plural: datasources
shortNames:
- das
singular: datasource
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: DataSource references an import/clone source for a DataVolume
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DataSourceSpec defines specification for DataSource
properties:
source:
description: Source is the source of the data referenced by the DataSource
properties:
pvc:
description: DataVolumeSourcePVC provides the parameters to create a Data Volume from an existing PVC
properties:
name:
description: The name of the source PVC
type: string
namespace:
description: The namespace of the source PVC
type: string
required:
- name
- namespace
type: object
snapshot:
description: DataVolumeSourceSnapshot provides the parameters to create a Data Volume from an existing VolumeSnapshot
properties:
name:
description: The name of the source VolumeSnapshot
type: string
namespace:
description: The namespace of the source VolumeSnapshot
type: string
required:
- name
- namespace
type: object
type: object
required:
- source
type: object
status:
description: DataSourceStatus provides the most recently observed status of the DataSource
properties:
conditions:
items:
description: DataSourceCondition represents the state of a data source condition
properties:
lastHeartbeatTime:
format: date-time
type: string
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
description: DataSourceConditionType is the string representation of known condition types
type: string
required:
- status
- type
type: object
type: array
source:
description: Source is the current source of the data referenced by the DataSource
properties:
pvc:
description: DataVolumeSourcePVC provides the parameters to create a Data Volume from an existing PVC
properties:
name:
description: The name of the source PVC
type: string
namespace:
description: The namespace of the source PVC
type: string
required:
- name
- namespace
type: object
snapshot:
description: DataVolumeSourceSnapshot provides the parameters to create a Data Volume from an existing VolumeSnapshot
properties:
name:
description: The name of the source VolumeSnapshot
type: string
namespace:
description: The namespace of the source VolumeSnapshot
type: string
required:
- name
- namespace
type: object
type: object
type: object
required:
- spec
type: object
served: true
storage: true
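Review bot: `generation: 1` and the `operator.cdi.kubevirt.io/lastAppliedConfiguration` annotation under `metadata` are values populated on a live cluster (the first by the API server, the second presumably by the CDI operator), so this manifest looks like an export from a running cluster rather than the upstream release file. The annotation holds a second, single-line JSON copy of the whole schema that nobody can realistically review and that can drift from the YAML body below it without anyone noticing. I would drop both, leaving `annotations:` with only `controller-gen.kubebuilder.io/version: v0.11.3`, and take the CRDs from the CDI release matching the `createVersion: v1.57.0` label so their provenance can be checked. The objecttransfers, storageprofiles and volumeclonesources sections carry the same two fields, while volumeimportsources and volumeuploadsources do not.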


@@ -0,0 +1,125 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.3
operator.cdi.kubevirt.io/lastAppliedConfiguration: '{"kind":"CustomResourceDefinition","apiVersion":"apiextensions.k8s.io/v1","metadata":{"name":"objecttransfers.cdi.kubevirt.io","creationTimestamp":null,"annotations":{"controller-gen.kubebuilder.io/version":"v0.11.3"}},"spec":{"group":"cdi.kubevirt.io","names":{"plural":"objecttransfers","singular":"objecttransfer","shortNames":["ot","ots"],"kind":"ObjectTransfer","listKind":"ObjectTransferList"},"scope":"Cluster","versions":[{"name":"v1beta1","served":true,"storage":true,"schema":{"openAPIV3Schema":{"description":"ObjectTransfer is the cluster scoped object transfer resource","type":"object","required":["spec"],"properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds","type":"string"},"metadata":{"type":"object"},"spec":{"description":"ObjectTransferSpec specifies the source/target of the transfer","type":"object","required":["source","target"],"properties":{"parentName":{"type":"string"},"source":{"description":"TransferSource is the source of a ObjectTransfer","type":"object","required":["kind","name","namespace"],"properties":{"apiVersion":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"namespace":{"type":"string"},"requiredAnnotations":{"type":"object","additionalProperties":{"type":"string"}}}},"target":{"description":"TransferTarget is the target of an ObjectTransfer","type":"object","properties":{"name":{"type":"string"},"namespace":{"type":"string"}}}}},"status":{"description":"ObjectTransferStatus is the status of the ObjectTransfer","type":"object","properties":{"conditions":{"type":"array","items":{"description":"ObjectTransferCondition contains condition data","type":"object","required":["status","type"],"properties":{"lastHeartbeatTime":{"type":"string","format":"date-time"},"lastTransitionTime":{"type":"string","format":"date-time"},"message":{"type":"string"},"reason":{"type":"string"},"status":{"type":"string"},"type":{"description":"ObjectTransferConditionType is the type of ObjectTransferCondition","type":"string"}}}},"data":{"description":"Data is a place for intermediary state. Or anything really.","type":"object","additionalProperties":{"type":"string"}},"phase":{"description":"Phase is the current phase of the transfer","type":"string"}}}}}},"subresources":{"status":{}},"additionalPrinterColumns":[{"name":"Age","type":"date","jsonPath":".metadata.creationTimestamp"},{"name":"Phase","type":"string","description":"The phase of the ObjectTransfer","jsonPath":".status.phase"}]}]},"status":{"conditions":null,"acceptedNames":{"plural":"","kind":""},"storedVersions":null}}'
generation: 1
labels:
operator.cdi.kubevirt.io/createVersion: v1.57.0
name: objecttransfers.cdi.kubevirt.io
spec:
conversion:
strategy: None
group: cdi.kubevirt.io
names:
kind: ObjectTransfer
listKind: ObjectTransferList
plural: objecttransfers
shortNames:
- ot
- ots
singular: objecttransfer
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- description: The phase of the ObjectTransfer
jsonPath: .status.phase
name: Phase
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: ObjectTransfer is the cluster scoped object transfer resource
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ObjectTransferSpec specifies the source/target of the transfer
properties:
parentName:
type: string
source:
description: TransferSource is the source of a ObjectTransfer
properties:
apiVersion:
type: string
kind:
type: string
name:
type: string
namespace:
type: string
requiredAnnotations:
additionalProperties:
type: string
type: object
required:
- kind
- name
- namespace
type: object
target:
description: TransferTarget is the target of an ObjectTransfer
properties:
name:
type: string
namespace:
type: string
type: object
required:
- source
- target
type: object
status:
description: ObjectTransferStatus is the status of the ObjectTransfer
properties:
conditions:
items:
description: ObjectTransferCondition contains condition data
properties:
lastHeartbeatTime:
format: date-time
type: string
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
description: ObjectTransferConditionType is the type of ObjectTransferCondition
type: string
required:
- status
- type
type: object
type: array
data:
additionalProperties:
type: string
description: Data is a place for intermediary state. Or anything really.
type: object
phase:
description: Phase is the current phase of the transfer
type: string
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}


@@ -0,0 +1,95 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.3
operator.cdi.kubevirt.io/lastAppliedConfiguration: '{"kind":"CustomResourceDefinition","apiVersion":"apiextensions.k8s.io/v1","metadata":{"name":"storageprofiles.cdi.kubevirt.io","creationTimestamp":null,"annotations":{"controller-gen.kubebuilder.io/version":"v0.11.3"}},"spec":{"group":"cdi.kubevirt.io","names":{"plural":"storageprofiles","singular":"storageprofile","kind":"StorageProfile","listKind":"StorageProfileList"},"scope":"Cluster","versions":[{"name":"v1beta1","served":true,"storage":true,"schema":{"openAPIV3Schema":{"description":"StorageProfile provides a CDI specific recommendation for storage parameters","type":"object","required":["spec"],"properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds","type":"string"},"metadata":{"type":"object"},"spec":{"description":"StorageProfileSpec defines specification for StorageProfile","type":"object","properties":{"claimPropertySets":{"description":"ClaimPropertySets is a provided set of properties applicable to PVC","type":"array","items":{"description":"ClaimPropertySet is a set of properties applicable to PVC","type":"object","properties":{"accessModes":{"description":"AccessModes contains the desired access modes the volume should have. 
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1","type":"array","items":{"type":"string"}},"volumeMode":{"description":"VolumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.","type":"string"}}}},"cloneStrategy":{"description":"CloneStrategy defines the preferred method for performing a CDI clone","type":"string"},"dataImportCronSourceFormat":{"description":"DataImportCronSourceFormat defines the format of the DataImportCron-created disk image sources","type":"string"}}},"status":{"description":"StorageProfileStatus provides the most recently observed status of the StorageProfile","type":"object","properties":{"claimPropertySets":{"description":"ClaimPropertySets computed from the spec and detected in the system","type":"array","items":{"description":"ClaimPropertySet is a set of properties applicable to PVC","type":"object","properties":{"accessModes":{"description":"AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1","type":"array","items":{"type":"string"}},"volumeMode":{"description":"VolumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.","type":"string"}}}},"cloneStrategy":{"description":"CloneStrategy defines the preferred method for performing a CDI clone","type":"string"},"dataImportCronSourceFormat":{"description":"DataImportCronSourceFormat defines the format of the DataImportCron-created disk image sources","type":"string"},"provisioner":{"description":"The Storage class provisioner plugin name","type":"string"},"storageClass":{"description":"The StorageClass name for which capabilities are defined","type":"string"}}}}}}}]},"status":{"conditions":null,"acceptedNames":{"plural":"","kind":""},"storedVersions":null}}'
generation: 1
labels:
operator.cdi.kubevirt.io/createVersion: v1.57.0
name: storageprofiles.cdi.kubevirt.io
spec:
conversion:
strategy: None
group: cdi.kubevirt.io
names:
kind: StorageProfile
listKind: StorageProfileList
plural: storageprofiles
singular: storageprofile
scope: Cluster
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: StorageProfile provides a CDI specific recommendation for storage parameters
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: StorageProfileSpec defines specification for StorageProfile
properties:
claimPropertySets:
description: ClaimPropertySets is a provided set of properties applicable to PVC
items:
description: ClaimPropertySet is a set of properties applicable to PVC
properties:
accessModes:
description: 'AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
volumeMode:
description: VolumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
type: string
type: object
type: array
cloneStrategy:
description: CloneStrategy defines the preferred method for performing a CDI clone
type: string
dataImportCronSourceFormat:
description: DataImportCronSourceFormat defines the format of the DataImportCron-created disk image sources
type: string
type: object
status:
description: StorageProfileStatus provides the most recently observed status of the StorageProfile
properties:
claimPropertySets:
description: ClaimPropertySets computed from the spec and detected in the system
items:
description: ClaimPropertySet is a set of properties applicable to PVC
properties:
accessModes:
description: 'AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
volumeMode:
description: VolumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
type: string
type: object
type: array
cloneStrategy:
description: CloneStrategy defines the preferred method for performing a CDI clone
type: string
dataImportCronSourceFormat:
description: DataImportCronSourceFormat defines the format of the DataImportCron-created disk image sources
type: string
provisioner:
description: The Storage class provisioner plugin name
type: string
storageClass:
description: The StorageClass name for which capabilities are defined
type: string
type: object
required:
- spec
type: object
served: true
storage: true


@@ -0,0 +1,68 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.3
operator.cdi.kubevirt.io/lastAppliedConfiguration: '{"kind":"CustomResourceDefinition","apiVersion":"apiextensions.k8s.io/v1","metadata":{"name":"volumeclonesources.cdi.kubevirt.io","creationTimestamp":null,"annotations":{"controller-gen.kubebuilder.io/version":"v0.11.3"}},"spec":{"group":"cdi.kubevirt.io","names":{"plural":"volumeclonesources","singular":"volumeclonesource","kind":"VolumeCloneSource","listKind":"VolumeCloneSourceList"},"scope":"Namespaced","versions":[{"name":"v1beta1","served":true,"storage":true,"schema":{"openAPIV3Schema":{"description":"VolumeCloneSource refers to a PVC/VolumeSnapshot of any storageclass/volumemode to be used as the source of a new PVC","type":"object","required":["spec"],"properties":{"apiVersion":{"description":"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources","type":"string"},"kind":{"description":"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds","type":"string"},"metadata":{"type":"object"},"spec":{"description":"VolumeCloneSourceSpec defines the Spec field for VolumeCloneSource","type":"object","required":["source"],"properties":{"preallocation":{"description":"Preallocation controls whether storage for the target PVC should be allocated in advance.","type":"boolean"},"priorityClassName":{"description":"PriorityClassName is the priorityclass for the claim","type":"string"},"source":{"description":"Source is the src of the data to be cloned to the target PVC","type":"object","required":["kind","name"],"properties":{"apiGroup":{"description":"APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.","type":"string"},"kind":{"description":"Kind is the type of resource being referenced","type":"string"},"name":{"description":"Name is the name of resource being referenced","type":"string"}},"x-kubernetes-map-type":"atomic"}}}}}}}]},"status":{"conditions":null,"acceptedNames":{"plural":"","kind":""},"storedVersions":null}}'
generation: 1
labels:
operator.cdi.kubevirt.io/createVersion: v1.57.0
name: volumeclonesources.cdi.kubevirt.io
spec:
conversion:
strategy: None
group: cdi.kubevirt.io
names:
kind: VolumeCloneSource
listKind: VolumeCloneSourceList
plural: volumeclonesources
singular: volumeclonesource
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: VolumeCloneSource refers to a PVC/VolumeSnapshot of any storageclass/volumemode to be used as the source of a new PVC
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VolumeCloneSourceSpec defines the Spec field for VolumeCloneSource
properties:
preallocation:
description: Preallocation controls whether storage for the target PVC should be allocated in advance.
type: boolean
priorityClassName:
description: PriorityClassName is the priorityclass for the claim
type: string
source:
description: Source is the src of the data to be cloned to the target PVC
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
required:
- kind
- name
type: object
x-kubernetes-map-type: atomic
required:
- source
type: object
required:
- spec
type: object
served: true
storage: true


@@ -0,0 +1,165 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: volumeimportsources.cdi.kubevirt.io
spec:
conversion:
strategy: None
group: cdi.kubevirt.io
names:
kind: VolumeImportSource
listKind: VolumeImportSourceList
plural: volumeimportsources
singular: volumeimportsource
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: VolumeImportSource works as a specification to populate PersistentVolumeClaims with data imported from an HTTP/S3/Registry/Blank/ImageIO/VDDK source
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VolumeImportSourceSpec defines the Spec field for VolumeImportSource
properties:
contentType:
description: ContentType represents the type of the imported data (Kubevirt or archive)
type: string
preallocation:
description: Preallocation controls whether storage for the target PVC should be allocated in advance.
type: boolean
source:
description: Source is the src of the data to be imported in the target PVC
properties:
blank:
description: DataVolumeBlankImage provides the parameters to create a new raw blank image for the PVC
type: object
gcs:
description: DataVolumeSourceGCS provides the parameters to create a Data Volume from an GCS source
properties:
secretRef:
description: SecretRef provides the secret reference needed to access the GCS source
type: string
url:
description: URL is the url of the GCS source
type: string
required:
- url
type: object
http:
description: DataVolumeSourceHTTP can be either an http or https endpoint, with an optional basic auth user name and password, and an optional configmap containing additional CAs
properties:
certConfigMap:
description: CertConfigMap is a configmap reference, containing a Certificate Authority(CA) public key, and a base64 encoded pem certificate
type: string
extraHeaders:
description: ExtraHeaders is a list of strings containing extra headers to include with HTTP transfer requests
items:
type: string
type: array
secretExtraHeaders:
description: SecretExtraHeaders is a list of Secret references, each containing an extra HTTP header that may include sensitive information
items:
type: string
type: array
secretRef:
description: SecretRef A Secret reference, the secret should contain accessKeyId (user name) base64 encoded, and secretKey (password) also base64 encoded
type: string
url:
description: URL is the URL of the http(s) endpoint
type: string
required:
- url
type: object
imageio:
description: DataVolumeSourceImageIO provides the parameters to create a Data Volume from an imageio source
properties:
certConfigMap:
description: CertConfigMap provides a reference to the CA cert
type: string
diskId:
description: DiskID provides id of a disk to be imported
type: string
secretRef:
description: SecretRef provides the secret reference needed to access the ovirt-engine
type: string
url:
description: URL is the URL of the ovirt-engine
type: string
required:
- diskId
- url
type: object
registry:
description: DataVolumeSourceRegistry provides the parameters to create a Data Volume from an registry source
properties:
certConfigMap:
description: CertConfigMap provides a reference to the Registry certs
type: string
imageStream:
description: ImageStream is the name of image stream for import
type: string
pullMethod:
description: PullMethod can be either "pod" (default import), or "node" (node docker cache based import)
type: string
secretRef:
description: SecretRef provides the secret reference needed to access the Registry source
type: string
url:
description: 'URL is the url of the registry source (starting with the scheme: docker, oci-archive)'
type: string
type: object
s3:
description: DataVolumeSourceS3 provides the parameters to create a Data Volume from an S3 source
properties:
certConfigMap:
description: CertConfigMap is a configmap reference, containing a Certificate Authority(CA) public key, and a base64 encoded pem certificate
type: string
secretRef:
description: SecretRef provides the secret reference needed to access the S3 source
type: string
url:
description: URL is the url of the S3 source
type: string
required:
- url
type: object
vddk:
description: DataVolumeSourceVDDK provides the parameters to create a Data Volume from a Vmware source
properties:
backingFile:
description: BackingFile is the path to the virtual hard disk to migrate from vCenter/ESXi
type: string
initImageURL:
description: InitImageURL is an optional URL to an image containing an extracted VDDK library, overrides v2v-vmware config map
type: string
secretRef:
description: SecretRef provides a reference to a secret containing the username and password needed to access the vCenter or ESXi host
type: string
thumbprint:
description: Thumbprint is the certificate thumbprint of the vCenter or ESXi host
type: string
url:
description: URL is the URL of the vCenter or ESXi host with the VM to migrate
type: string
uuid:
description: UUID is the UUID of the virtual machine that the backing file is attached to in vCenter/ESXi
type: string
type: object
type: object
type: object
status:
description: VolumeImportSourceStatus provides the most recently observed status of the VolumeImportSource
type: object
required:
- spec
type: object
served: true
storage: true


@@ -0,0 +1,46 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: volumeuploadsources.cdi.kubevirt.io
spec:
conversion:
strategy: None
group: cdi.kubevirt.io
names:
kind: VolumeUploadSource
listKind: VolumeUploadSourceList
plural: volumeuploadsources
singular: volumeuploadsource
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: VolumeUploadSource is a specification to populate PersistentVolumeClaims with upload data
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VolumeUploadSourceSpec defines specification for VolumeUploadSource
properties:
contentType:
description: ContentType represents the type of the upload data (Kubevirt or archive)
type: string
preallocation:
description: Preallocation controls whether storage for the target PVC should be allocated in advance.
type: boolean
type: object
status:
description: VolumeUploadSourceStatus provides the most recently observed status of the VolumeUploadSource
type: object
required:
- spec
type: object
served: true
storage: true

17
crd/cdi/datas.tf Normal file

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

33
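--- a/crd/cdi/index.rhai
+++ b/crd/cdi/index.rhai
@@ -0,0 +1,33 @@
+const VERSION="3.5.5";
+const SRC=src;
+const DEST=dest;
+const DOIT=config.apply;
+const PURGE=config.purge;
+const crdFiles=[
+"apiextensions.k8s.io_v1_CustomResourceDefinition_cdis.cdi.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_cdiconfigs.cdi.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_dataimportcrons.cdi.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_datasources.cdi.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_datavolumes.cdi.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_objecttransfers.cdi.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_storageprofiles.cdi.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_volumeclonesources.cdi.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_volumeimportsources.cdi.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_volumeuploadsources.cdi.kubevirt.io.yaml",
+];
+fn pre_install() {
+if ! global::DOIT {
+return;
+}
+for file in global::crdFiles {
+shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
+}
+}
+fn post_destroy() {
+if ! global::PURGE {
+return;
+}
+for file in global::crdFiles {
+shell(`kubectl delete -f ${global::SRC}/${file}`);
+}
+}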
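Review bot: The `kubectl replace -f … || kubectl create -f …` line in `pre_install` falls through to `create` on any `replace` failure, not only when the CRD is absent, so an authorization or validation error from `replace` is hidden behind a second, unrelated "already exists" failure. Nothing visible here checks what `shell()` returns either. A single `kubectl apply --server-side -f "${global::SRC}/${file}"` would be idempotent and avoids the annotation size limit that large CRDs hit with client-side apply; if `shell()` returns a status (not visible on this page), it should be checked so a failed CRD install stops the run. In `post_destroy`, `kubectl delete -f` on a CRD also removes every custom resource of that kind in the cluster, which deserves a comment next to the `PURGE` guard, and adding `--ignore-not-found` would keep a repeated destroy from failing. The paths are interpolated unquoted into the shell string in both functions, so quoting them as above guards against a source directory containing spaces.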

21
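--- a/crd/cdi/index.yaml
+++ b/crd/cdi/index.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: vinyl.solidite.fr/v1beta1
+kind: Component
+category: crd
+metadata:
+name: cdi
+description: CRD for Containerized Data Importer
+options:
+apply:
+default: true
+examples:
+- true
+type: boolean
+purge:
+default: false
+examples:
+- false
+type: boolean
+dependencies: []
+providers: null
+tfaddtype: null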
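Review bot: The `purge` option carries no description, yet in this commit's `index.rhai` it gates `kubectl delete -f` on all ten CDI CRD files, which would also delete every CDI custom resource in the cluster. A comment above it, e.g. `# purge: on destroy, delete the CDI CRDs and every object of those kinds`, would make the blast radius clear to whoever flips the default. Separately, `apiVersion: vinyl.solidite.fr/v1beta1` is spelled differently from the `vynil.solidite.fr/...` label keys in `datas.tf`; if that difference is not intentional, one of the two is a typo.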


@@ -0,0 +1,73 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: ""
name: migrationpolicies.migrations.kubevirt.io
spec:
conversion:
strategy: None
group: migrations.kubevirt.io
names:
categories:
- all
kind: MigrationPolicy
listKind: MigrationPolicyList
plural: migrationpolicies
singular: migrationpolicy
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: MigrationPolicy holds migration policy (i.e. configurations) to apply to a VM or group of VMs
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
allowAutoConverge:
type: boolean
allowPostCopy:
type: boolean
bandwidthPerMigration:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
completionTimeoutPerGiB:
format: int64
type: integer
selectors:
properties:
namespaceSelector:
additionalProperties:
type: string
type: object
virtualMachineInstanceSelector:
additionalProperties:
type: string
type: object
type: object
required:
- selectors
type: object
status:
nullable: true
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}


@@ -0,0 +1,154 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: ""
name: virtualmachineclones.clone.kubevirt.io
spec:
conversion:
strategy: None
group: clone.kubevirt.io
names:
categories:
- all
kind: VirtualMachineClone
listKind: VirtualMachineCloneList
plural: virtualmachineclones
shortNames:
- vmclone
- vmclones
singular: virtualmachineclone
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.phase
name: Phase
type: string
- jsonPath: .spec.source.name
name: SourceVirtualMachine
type: string
- jsonPath: .spec.target.name
name: TargetVirtualMachine
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: VirtualMachineClone is a CRD that clones one VM into another.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
annotationFilters:
items:
type: string
type: array
x-kubernetes-list-type: atomic
labelFilters:
items:
type: string
type: array
x-kubernetes-list-type: atomic
newMacAddresses:
additionalProperties:
type: string
description: NewMacAddresses manually sets that target interfaces' mac addresses. The key is the interface name and the value is the new mac address. If this field is not specified, a new MAC address will be generated automatically, as for any interface that is not included in this map.
type: object
newSMBiosSerial:
description: NewSMBiosSerial manually sets that target's SMbios serial. If this field is not specified, a new serial will be generated automatically.
type: string
source:
description: TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
required:
- kind
- name
type: object
target:
description: If the target is not provided, a random name would be generated for the target. The target's name can be viewed by inspecting status "TargetName" field below.
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
required:
- kind
- name
type: object
required:
- source
type: object
status:
properties:
conditions:
items:
description: Condition defines conditions
properties:
lastProbeTime:
format: date-time
nullable: true
type: string
lastTransitionTime:
format: date-time
nullable: true
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
description: ConditionType is the const type for Conditions
type: string
required:
- status
- type
type: object
type: array
x-kubernetes-list-type: atomic
creationTime:
format: date-time
nullable: true
type: string
phase:
type: string
restoreName:
nullable: true
type: string
snapshotName:
nullable: true
type: string
targetName:
nullable: true
type: string
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}


@@ -0,0 +1,487 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: ""
name: virtualmachineclusterinstancetypes.instancetype.kubevirt.io
spec:
conversion:
strategy: None
group: instancetype.kubevirt.io
names:
kind: VirtualMachineClusterInstancetype
listKind: VirtualMachineClusterInstancetypeList
plural: virtualmachineclusterinstancetypes
shortNames:
- vmclusterinstancetype
- vmclusterinstancetypes
- vmcf
- vmcfs
singular: virtualmachineclusterinstancetype
scope: Cluster
versions:
- deprecated: true
deprecationWarning: instancetype.kubevirt.io/v1alpha1 VirtualMachineClusterInstanceTypes is now deprecated and will be removed in v1.
name: v1alpha1
schema:
openAPIV3Schema:
description: VirtualMachineClusterInstancetype is a cluster scoped version of VirtualMachineInstancetype resource.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Required spec describing the instancetype
properties:
cpu:
description: Required CPU related attributes of the instancetype.
properties:
dedicatedCPUPlacement:
description: DedicatedCPUPlacement requests the scheduler to place the VirtualMachineInstance on a node with enough dedicated pCPUs and pin the vCPUs to it.
type: boolean
guest:
description: "Required number of vCPUs to expose to the guest. \n The resulting CPU topology being derived from the optional PreferredCPUTopology attribute of CPUPreferences that itself defaults to PreferSockets."
format: int32
type: integer
isolateEmulatorThread:
description: IsolateEmulatorThread requests one more dedicated pCPU to be allocated for the VMI to place the emulator thread on it.
type: boolean
model:
description: Model specifies the CPU model inside the VMI. List of available models https://github.com/libvirt/libvirt/tree/master/src/cpu_map. It is possible to specify special cases like "host-passthrough" to get the same CPU as the node and "host-model" to get CPU closest to the node one. Defaults to host-model.
type: string
numa:
description: NUMA allows specifying settings for the guest NUMA topology
properties:
guestMappingPassthrough:
description: GuestMappingPassthrough will create an efficient guest topology based on host CPUs exclusively assigned to a pod. The created topology ensures that memory and CPUs on the virtual numa nodes never cross boundaries of host numa nodes.
type: object
type: object
realtime:
description: Realtime instructs the virt-launcher to tune the VMI for lower latency, optional for real time workloads
properties:
mask:
description: 'Mask defines the vcpu mask expression that defines which vcpus are used for realtime. Format matches libvirt''s expressions. Example: "0-3,^1","0,2,3","2-3"'
type: string
type: object
required:
- guest
type: object
gpus:
description: Optionally defines any GPU devices associated with the instancetype.
items:
properties:
deviceName:
type: string
name:
description: Name of the GPU device as exposed by a device plugin
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
virtualGPUOptions:
properties:
display:
properties:
enabled:
description: Enabled determines if a display addapter backed by a vGPU should be enabled or disabled on the guest. Defaults to true.
type: boolean
ramFB:
description: Enables a boot framebuffer, until the guest OS loads a real GPU driver Defaults to true.
properties:
enabled:
description: Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.
type: boolean
type: object
type: object
type: object
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
hostDevices:
description: Optionally defines any HostDevices associated with the instancetype.
items:
properties:
deviceName:
description: DeviceName is the resource name of the host device exposed by a device plugin
type: string
name:
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
ioThreadsPolicy:
description: Optionally defines the IOThreadsPolicy to be used by the instancetype.
type: string
launchSecurity:
description: Optionally defines the LaunchSecurity to be used by the instancetype.
properties:
sev:
description: AMD Secure Encrypted Virtualization (SEV).
properties:
policy:
description: 'Guest policy flags as defined in AMD SEV API specification. Note: due to security reasons it is not allowed to enable guest debugging. Therefore NoDebug flag is not exposed to users and is always true.'
properties:
encryptedState:
description: SEV-ES is required. Defaults to false.
type: boolean
type: object
type: object
type: object
memory:
description: Required Memory related attributes of the instancetype.
properties:
guest:
anyOf:
- type: integer
- type: string
description: Required amount of memory which is visible inside the guest OS.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
hugepages:
description: Optionally enables the use of hugepages for the VirtualMachineInstance instead of regular memory.
properties:
pageSize:
description: PageSize specifies the hugepage size, for x86_64 architecture valid values are 1Gi and 2Mi.
type: string
type: object
overcommitPercent:
description: OvercommitPercent is the percentage of the guest memory which will be overcommitted. This means that the VMIs parent pod (virt-launcher) will request less physical memory by a factor specified by the OvercommitPercent. Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. Defaults to 0
maximum: 100
minimum: 0
type: integer
required:
- guest
type: object
required:
- cpu
- memory
type: object
required:
- spec
type: object
served: true
storage: false
- deprecated: true
deprecationWarning: instancetype.kubevirt.io/v1alpha2 VirtualMachineClusterInstanceTypes is now deprecated and will be removed in v1.
name: v1alpha2
schema:
openAPIV3Schema:
description: VirtualMachineClusterInstancetype is a cluster scoped version of VirtualMachineInstancetype resource.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Required spec describing the instancetype
properties:
cpu:
description: Required CPU related attributes of the instancetype.
properties:
dedicatedCPUPlacement:
description: DedicatedCPUPlacement requests the scheduler to place the VirtualMachineInstance on a node with enough dedicated pCPUs and pin the vCPUs to it.
type: boolean
guest:
description: "Required number of vCPUs to expose to the guest. \n The resulting CPU topology being derived from the optional PreferredCPUTopology attribute of CPUPreferences that itself defaults to PreferSockets."
format: int32
type: integer
isolateEmulatorThread:
description: IsolateEmulatorThread requests one more dedicated pCPU to be allocated for the VMI to place the emulator thread on it.
type: boolean
model:
description: Model specifies the CPU model inside the VMI. List of available models https://github.com/libvirt/libvirt/tree/master/src/cpu_map. It is possible to specify special cases like "host-passthrough" to get the same CPU as the node and "host-model" to get CPU closest to the node one. Defaults to host-model.
type: string
numa:
description: NUMA allows specifying settings for the guest NUMA topology
properties:
guestMappingPassthrough:
description: GuestMappingPassthrough will create an efficient guest topology based on host CPUs exclusively assigned to a pod. The created topology ensures that memory and CPUs on the virtual numa nodes never cross boundaries of host numa nodes.
type: object
type: object
realtime:
description: Realtime instructs the virt-launcher to tune the VMI for lower latency, optional for real time workloads
properties:
mask:
description: 'Mask defines the vcpu mask expression that defines which vcpus are used for realtime. Format matches libvirt''s expressions. Example: "0-3,^1","0,2,3","2-3"'
type: string
type: object
required:
- guest
type: object
gpus:
description: Optionally defines any GPU devices associated with the instancetype.
items:
properties:
deviceName:
type: string
name:
description: Name of the GPU device as exposed by a device plugin
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
virtualGPUOptions:
properties:
display:
properties:
enabled:
description: Enabled determines if a display addapter backed by a vGPU should be enabled or disabled on the guest. Defaults to true.
type: boolean
ramFB:
description: Enables a boot framebuffer, until the guest OS loads a real GPU driver Defaults to true.
properties:
enabled:
description: Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.
type: boolean
type: object
type: object
type: object
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
hostDevices:
description: Optionally defines any HostDevices associated with the instancetype.
items:
properties:
deviceName:
description: DeviceName is the resource name of the host device exposed by a device plugin
type: string
name:
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
ioThreadsPolicy:
description: Optionally defines the IOThreadsPolicy to be used by the instancetype.
type: string
launchSecurity:
description: Optionally defines the LaunchSecurity to be used by the instancetype.
properties:
sev:
description: AMD Secure Encrypted Virtualization (SEV).
properties:
policy:
description: 'Guest policy flags as defined in AMD SEV API specification. Note: due to security reasons it is not allowed to enable guest debugging. Therefore NoDebug flag is not exposed to users and is always true.'
properties:
encryptedState:
description: SEV-ES is required. Defaults to false.
type: boolean
type: object
type: object
type: object
memory:
description: Required Memory related attributes of the instancetype.
properties:
guest:
anyOf:
- type: integer
- type: string
description: Required amount of memory which is visible inside the guest OS.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
hugepages:
description: Optionally enables the use of hugepages for the VirtualMachineInstance instead of regular memory.
properties:
pageSize:
description: PageSize specifies the hugepage size, for x86_64 architecture valid values are 1Gi and 2Mi.
type: string
type: object
overcommitPercent:
description: OvercommitPercent is the percentage of the guest memory which will be overcommitted. This means that the VMIs parent pod (virt-launcher) will request less physical memory by a factor specified by the OvercommitPercent. Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. Defaults to 0
maximum: 100
minimum: 0
type: integer
required:
- guest
type: object
required:
- cpu
- memory
type: object
required:
- spec
type: object
served: true
storage: false
- name: v1beta1
schema:
openAPIV3Schema:
description: VirtualMachineClusterInstancetype is a cluster scoped version of VirtualMachineInstancetype resource.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Required spec describing the instancetype
properties:
cpu:
description: Required CPU related attributes of the instancetype.
properties:
dedicatedCPUPlacement:
description: DedicatedCPUPlacement requests the scheduler to place the VirtualMachineInstance on a node with enough dedicated pCPUs and pin the vCPUs to it.
type: boolean
guest:
description: "Required number of vCPUs to expose to the guest. \n The resulting CPU topology being derived from the optional PreferredCPUTopology attribute of CPUPreferences that itself defaults to PreferSockets."
format: int32
type: integer
isolateEmulatorThread:
description: IsolateEmulatorThread requests one more dedicated pCPU to be allocated for the VMI to place the emulator thread on it.
type: boolean
model:
description: Model specifies the CPU model inside the VMI. List of available models https://github.com/libvirt/libvirt/tree/master/src/cpu_map. It is possible to specify special cases like "host-passthrough" to get the same CPU as the node and "host-model" to get CPU closest to the node one. Defaults to host-model.
type: string
numa:
description: NUMA allows specifying settings for the guest NUMA topology
properties:
guestMappingPassthrough:
description: GuestMappingPassthrough will create an efficient guest topology based on host CPUs exclusively assigned to a pod. The created topology ensures that memory and CPUs on the virtual numa nodes never cross boundaries of host numa nodes.
type: object
type: object
realtime:
description: Realtime instructs the virt-launcher to tune the VMI for lower latency, optional for real time workloads
properties:
mask:
description: 'Mask defines the vcpu mask expression that defines which vcpus are used for realtime. Format matches libvirt''s expressions. Example: "0-3,^1","0,2,3","2-3"'
type: string
type: object
required:
- guest
type: object
gpus:
description: Optionally defines any GPU devices associated with the instancetype.
items:
properties:
deviceName:
type: string
name:
description: Name of the GPU device as exposed by a device plugin
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
virtualGPUOptions:
properties:
display:
properties:
enabled:
description: Enabled determines if a display addapter backed by a vGPU should be enabled or disabled on the guest. Defaults to true.
type: boolean
ramFB:
description: Enables a boot framebuffer, until the guest OS loads a real GPU driver Defaults to true.
properties:
enabled:
description: Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.
type: boolean
type: object
type: object
type: object
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
hostDevices:
description: Optionally defines any HostDevices associated with the instancetype.
items:
properties:
deviceName:
description: DeviceName is the resource name of the host device exposed by a device plugin
type: string
name:
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
ioThreadsPolicy:
description: Optionally defines the IOThreadsPolicy to be used by the instancetype.
type: string
launchSecurity:
description: Optionally defines the LaunchSecurity to be used by the instancetype.
properties:
sev:
description: AMD Secure Encrypted Virtualization (SEV).
properties:
policy:
description: 'Guest policy flags as defined in AMD SEV API specification. Note: due to security reasons it is not allowed to enable guest debugging. Therefore NoDebug flag is not exposed to users and is always true.'
properties:
encryptedState:
description: SEV-ES is required. Defaults to false.
type: boolean
type: object
type: object
type: object
memory:
description: Required Memory related attributes of the instancetype.
properties:
guest:
anyOf:
- type: integer
- type: string
description: Required amount of memory which is visible inside the guest OS.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
hugepages:
description: Optionally enables the use of hugepages for the VirtualMachineInstance instead of regular memory.
properties:
pageSize:
description: PageSize specifies the hugepage size, for x86_64 architecture valid values are 1Gi and 2Mi.
type: string
type: object
overcommitPercent:
description: OvercommitPercent is the percentage of the guest memory which will be overcommitted. This means that the VMIs parent pod (virt-launcher) will request less physical memory by a factor specified by the OvercommitPercent. Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. Defaults to 0
maximum: 100
minimum: 0
type: integer
required:
- guest
type: object
required:
- cpu
- memory
type: object
required:
- spec
type: object
served: true
storage: true


@@ -0,0 +1,259 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
kubevirt.io/generation: "1"
kubevirt.io/install-strategy-identifier: c51bc47ef3eccba54f764552d24801eb8388b36e
kubevirt.io/install-strategy-registry: quay.io/kubevirt
kubevirt.io/install-strategy-version: v1.0.1
generation: 1
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: ""
name: virtualmachineexports.export.kubevirt.io
spec:
conversion:
strategy: None
group: export.kubevirt.io
names:
categories:
- all
kind: VirtualMachineExport
listKind: VirtualMachineExportList
plural: virtualmachineexports
shortNames:
- vmexport
- vmexports
singular: virtualmachineexport
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.source.kind
name: SourceKind
type: string
- jsonPath: .spec.source.name
name: SourceName
type: string
- jsonPath: .status.phase
name: Phase
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: VirtualMachineExport defines the operation of exporting a VM source
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VirtualMachineExportSpec is the spec for a VirtualMachineExport resource
properties:
source:
description: TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
required:
- kind
- name
type: object
tokenSecretRef:
description: TokenSecretRef is the name of the custom-defined secret that contains the token used by the export server pod
type: string
ttlDuration:
description: ttlDuration limits the lifetime of an export If this field is set, after this duration has passed from counting from CreationTimestamp, the export is eligible to be automatically deleted. If this field is omitted, a reasonable default is applied.
type: string
required:
- source
type: object
status:
description: VirtualMachineExportStatus is the status for a VirtualMachineExport resource
properties:
conditions:
items:
description: Condition defines conditions
properties:
lastProbeTime:
format: date-time
nullable: true
type: string
lastTransitionTime:
format: date-time
nullable: true
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
description: ConditionType is the const type for Conditions
type: string
required:
- status
- type
type: object
type: array
x-kubernetes-list-type: atomic
links:
description: VirtualMachineExportLinks contains the links that point the exported VM resources
properties:
external:
description: VirtualMachineExportLink contains a list of volumes available for export, as well as the URLs to obtain these volumes
properties:
cert:
description: Cert is the public CA certificate base64 encoded
type: string
manifests:
description: Manifests is a list of available manifests for the export
items:
description: VirtualMachineExportManifest contains the type and URL of the exported manifest
properties:
type:
description: Type is the type of manifest returned
type: string
url:
description: Url is the url of the endpoint that returns the manifest
type: string
required:
- type
- url
type: object
type: array
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
volumes:
description: Volumes is a list of available volumes to export
items:
description: VirtualMachineExportVolume contains the name and available formats for the exported volume
properties:
formats:
items:
description: VirtualMachineExportVolumeFormat contains the format type and URL to get the volume in that format
properties:
format:
description: Format is the format of the image at the specified URL
type: string
url:
description: Url is the url that contains the volume in the format specified
type: string
required:
- format
- url
type: object
type: array
x-kubernetes-list-map-keys:
- format
x-kubernetes-list-type: map
name:
description: Name is the name of the exported volume
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
required:
- cert
type: object
internal:
description: VirtualMachineExportLink contains a list of volumes available for export, as well as the URLs to obtain these volumes
properties:
cert:
description: Cert is the public CA certificate base64 encoded
type: string
manifests:
description: Manifests is a list of available manifests for the export
items:
description: VirtualMachineExportManifest contains the type and URL of the exported manifest
properties:
type:
description: Type is the type of manifest returned
type: string
url:
description: Url is the url of the endpoint that returns the manifest
type: string
required:
- type
- url
type: object
type: array
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
volumes:
description: Volumes is a list of available volumes to export
items:
description: VirtualMachineExportVolume contains the name and available formats for the exported volume
properties:
formats:
items:
description: VirtualMachineExportVolumeFormat contains the format type and URL to get the volume in that format
properties:
format:
description: Format is the format of the image at the specified URL
type: string
url:
description: Url is the url that contains the volume in the format specified
type: string
required:
- format
- url
type: object
type: array
x-kubernetes-list-map-keys:
- format
x-kubernetes-list-type: map
name:
description: Name is the name of the exported volume
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
required:
- cert
type: object
type: object
phase:
description: VirtualMachineExportPhase is the current phase of the VirtualMachineExport
type: string
serviceName:
description: ServiceName is the name of the service created associated with the Virtual Machine export. It will be used to create the internal URLs for downloading the images
type: string
tokenSecretRef:
description: TokenSecretRef is the name of the secret that contains the token used by the export server pod
type: string
ttlExpirationTime:
description: The time at which the VM Export will be completely removed according to specified TTL Formula is CreationTimestamp + TTL
format: date-time
type: string
virtualMachineName:
description: VirtualMachineName shows the name of the source virtual machine if the source is either a VirtualMachine or a VirtualMachineSnapshot. This is mainly to easily identify the source VirtualMachine in case of a VirtualMachineSnapshot
type: string
type: object
required:
- spec
type: object
served: true
storage: true
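Review bot: The metadata block at the top of this file carries server- and operator-owned fields (`generation: 1`, the `kubevirt.io/install-strategy-*` annotations and `app.kubernetes.io/managed-by: virt-operator`), which suggests the manifest was exported from a running cluster rather than taken from a KubeVirt release artifact. If these CRDs are applied from this repository they will presumably compete with virt-operator, which the label names as their owner, and they pin the schema to `v1.0.1` whatever operator version is actually deployed. I would leave the operator-managed CRDs out of the commit, or at least drop the `generation: 1` line and record in the commit description which upstream release the files came from, so their content can be compared against it. The same applies to the virtualmachineinstancemigrations and virtualmachineinstancetypes sections that follow.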


@@ -0,0 +1,432 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
kubevirt.io/generation: "1"
kubevirt.io/install-strategy-identifier: c51bc47ef3eccba54f764552d24801eb8388b36e
kubevirt.io/install-strategy-registry: quay.io/kubevirt
kubevirt.io/install-strategy-version: v1.0.1
generation: 1
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: ""
name: virtualmachineinstancemigrations.kubevirt.io
spec:
conversion:
strategy: None
group: kubevirt.io
names:
categories:
- all
kind: VirtualMachineInstanceMigration
listKind: VirtualMachineInstanceMigrationList
plural: virtualmachineinstancemigrations
shortNames:
- vmim
- vmims
singular: virtualmachineinstancemigration
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The current phase of VM instance migration
jsonPath: .status.phase
name: Phase
type: string
- description: The name of the VMI to perform the migration on
jsonPath: .spec.vmiName
name: VMI
type: string
name: v1
schema:
openAPIV3Schema:
description: VirtualMachineInstanceMigration represents the object tracking a VMI's migration to another host in the cluster
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
vmiName:
description: The name of the VMI to perform the migration on. VMI must exist in the migration objects namespace
type: string
type: object
status:
description: VirtualMachineInstanceMigration reprents information pertaining to a VMI's migration.
properties:
conditions:
items:
properties:
lastProbeTime:
format: date-time
nullable: true
type: string
lastTransitionTime:
format: date-time
nullable: true
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
type: string
required:
- status
- type
type: object
type: array
migrationState:
description: Represents the status of a live migration
properties:
abortRequested:
description: Indicates that the migration has been requested to abort
type: boolean
abortStatus:
description: Indicates the final status of the live migration abortion
type: string
completed:
description: Indicates the migration completed
type: boolean
endTimestamp:
description: The time the migration action ended
format: date-time
nullable: true
type: string
failed:
description: Indicates that the migration failed
type: boolean
migrationConfiguration:
description: Migration configurations to apply
properties:
allowAutoConverge:
description: AllowAutoConverge allows the platform to compromise performance/availability of VMIs to guarantee successful VMI live migrations. Defaults to false
type: boolean
allowPostCopy:
description: AllowPostCopy enables post-copy live migrations. Such migrations allow even the busiest VMIs to successfully live-migrate. However, events like a network failure can cause a VMI crash. If set to true, migrations will still start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB triggers. Defaults to false
type: boolean
bandwidthPerMigration:
anyOf:
- type: integer
- type: string
description: BandwidthPerMigration limits the amount of network bandwidth live migrations are allowed to use. The value is in quantity per second. Defaults to 0 (no limit)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
completionTimeoutPerGiB:
description: CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800
format: int64
type: integer
disableTLS:
description: When set to true, DisableTLS will disable the additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false
type: boolean
matchSELinuxLevelOnMigration:
description: By default, the SELinux level of target virt-launcher pods is forced to the level of the source virt-launcher. When set to true, MatchSELinuxLevelOnMigration lets the CRI auto-assign a random level to the target. That will ensure the target virt-launcher doesn't share categories with another pod on the node. However, migrations will fail when using RWX volumes that don't automatically deal with SELinux levels.
type: boolean
network:
description: Network is the name of the CNI network to use for live migrations. By default, migrations go through the pod network.
type: string
nodeDrainTaintKey:
description: 'NodeDrainTaintKey defines the taint key that indicates a node should be drained. Note: this option relies on the deprecated node taint feature. Default: kubevirt.io/drain'
type: string
parallelMigrationsPerCluster:
description: ParallelMigrationsPerCluster is the total number of concurrent live migrations allowed cluster-wide. Defaults to 5
format: int32
type: integer
parallelOutboundMigrationsPerNode:
description: ParallelOutboundMigrationsPerNode is the maximum number of concurrent outgoing live migrations allowed per node. Defaults to 2
format: int32
type: integer
progressTimeout:
description: ProgressTimeout is the maximum number of seconds a live migration is allowed to make no progress. Hitting this timeout means a migration transferred 0 data for that many seconds. The migration is then considered stuck and therefore cancelled. Defaults to 150
format: int64
type: integer
unsafeMigrationOverride:
description: UnsafeMigrationOverride allows live migrations to occur even if the compatibility check indicates the migration will be unsafe to the guest. Defaults to false
type: boolean
type: object
migrationPolicyName:
description: Name of the migration policy. If string is empty, no policy is matched
type: string
migrationUid:
description: The VirtualMachineInstanceMigration object associated with this migration
type: string
mode:
description: Lets us know if the vmi is currently running pre or post copy migration
type: string
sourceNode:
description: The source node that the VMI originated on
type: string
startTimestamp:
description: The time the migration action began
format: date-time
nullable: true
type: string
targetAttachmentPodUID:
description: The UID of the target attachment pod for hotplug volumes
type: string
targetCPUSet:
description: If the VMI requires dedicated CPUs, this field will hold the dedicated CPU set on the target node
items:
type: integer
type: array
x-kubernetes-list-type: atomic
targetDirectMigrationNodePorts:
additionalProperties:
type: integer
description: The list of ports opened for live migration on the destination node
type: object
targetNode:
description: The target node that the VMI is moving to
type: string
targetNodeAddress:
description: The address of the target node to use for the migration
type: string
targetNodeDomainDetected:
description: The Target Node has seen the Domain Start Event
type: boolean
targetNodeDomainReadyTimestamp:
description: The timestamp at which the target node detects the domain is active
format: date-time
type: string
targetNodeTopology:
description: If the VMI requires dedicated CPUs, this field will hold the numa topology on the target node
type: string
targetPod:
description: The target pod that the VMI is moving to
type: string
type: object
phase:
description: VirtualMachineInstanceMigrationPhase is a label for the condition of a VirtualMachineInstanceMigration at the current time.
type: string
phaseTransitionTimestamps:
description: PhaseTransitionTimestamp is the timestamp of when the last phase change occurred
items:
description: VirtualMachineInstanceMigrationPhaseTransitionTimestamp gives a timestamp in relation to when a phase is set on a vmi
properties:
phase:
description: Phase is the status of the VirtualMachineInstanceMigrationPhase in kubernetes world. It is not the VirtualMachineInstanceMigrationPhase status, but partially correlates to it.
type: string
phaseTransitionTimestamp:
description: PhaseTransitionTimestamp is the timestamp of when the phase change occurred
format: date-time
type: string
type: object
type: array
x-kubernetes-list-type: atomic
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
- additionalPrinterColumns:
- description: The current phase of VM instance migration
jsonPath: .status.phase
name: Phase
type: string
- description: The name of the VMI to perform the migration on
jsonPath: .spec.vmiName
name: VMI
type: string
deprecated: true
deprecationWarning: kubevirt.io/v1alpha3 is now deprecated and will be removed in a future release.
name: v1alpha3
schema:
openAPIV3Schema:
description: VirtualMachineInstanceMigration represents the object tracking a VMI's migration to another host in the cluster
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
vmiName:
description: The name of the VMI to perform the migration on. VMI must exist in the migration objects namespace
type: string
type: object
status:
description: VirtualMachineInstanceMigration reprents information pertaining to a VMI's migration.
properties:
conditions:
items:
properties:
lastProbeTime:
format: date-time
nullable: true
type: string
lastTransitionTime:
format: date-time
nullable: true
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
type: string
required:
- status
- type
type: object
type: array
migrationState:
description: Represents the status of a live migration
properties:
abortRequested:
description: Indicates that the migration has been requested to abort
type: boolean
abortStatus:
description: Indicates the final status of the live migration abortion
type: string
completed:
description: Indicates the migration completed
type: boolean
endTimestamp:
description: The time the migration action ended
format: date-time
nullable: true
type: string
failed:
description: Indicates that the migration failed
type: boolean
migrationConfiguration:
description: Migration configurations to apply
properties:
allowAutoConverge:
description: AllowAutoConverge allows the platform to compromise performance/availability of VMIs to guarantee successful VMI live migrations. Defaults to false
type: boolean
allowPostCopy:
description: AllowPostCopy enables post-copy live migrations. Such migrations allow even the busiest VMIs to successfully live-migrate. However, events like a network failure can cause a VMI crash. If set to true, migrations will still start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB triggers. Defaults to false
type: boolean
bandwidthPerMigration:
anyOf:
- type: integer
- type: string
description: BandwidthPerMigration limits the amount of network bandwidth live migrations are allowed to use. The value is in quantity per second. Defaults to 0 (no limit)
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
completionTimeoutPerGiB:
description: CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800
format: int64
type: integer
disableTLS:
description: When set to true, DisableTLS will disable the additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false
type: boolean
matchSELinuxLevelOnMigration:
description: By default, the SELinux level of target virt-launcher pods is forced to the level of the source virt-launcher. When set to true, MatchSELinuxLevelOnMigration lets the CRI auto-assign a random level to the target. That will ensure the target virt-launcher doesn't share categories with another pod on the node. However, migrations will fail when using RWX volumes that don't automatically deal with SELinux levels.
type: boolean
network:
description: Network is the name of the CNI network to use for live migrations. By default, migrations go through the pod network.
type: string
nodeDrainTaintKey:
description: 'NodeDrainTaintKey defines the taint key that indicates a node should be drained. Note: this option relies on the deprecated node taint feature. Default: kubevirt.io/drain'
type: string
parallelMigrationsPerCluster:
description: ParallelMigrationsPerCluster is the total number of concurrent live migrations allowed cluster-wide. Defaults to 5
format: int32
type: integer
parallelOutboundMigrationsPerNode:
description: ParallelOutboundMigrationsPerNode is the maximum number of concurrent outgoing live migrations allowed per node. Defaults to 2
format: int32
type: integer
progressTimeout:
description: ProgressTimeout is the maximum number of seconds a live migration is allowed to make no progress. Hitting this timeout means a migration transferred 0 data for that many seconds. The migration is then considered stuck and therefore cancelled. Defaults to 150
format: int64
type: integer
unsafeMigrationOverride:
description: UnsafeMigrationOverride allows live migrations to occur even if the compatibility check indicates the migration will be unsafe to the guest. Defaults to false
type: boolean
type: object
migrationPolicyName:
description: Name of the migration policy. If string is empty, no policy is matched
type: string
migrationUid:
description: The VirtualMachineInstanceMigration object associated with this migration
type: string
mode:
description: Lets us know if the vmi is currently running pre or post copy migration
type: string
sourceNode:
description: The source node that the VMI originated on
type: string
startTimestamp:
description: The time the migration action began
format: date-time
nullable: true
type: string
targetAttachmentPodUID:
description: The UID of the target attachment pod for hotplug volumes
type: string
targetCPUSet:
description: If the VMI requires dedicated CPUs, this field will hold the dedicated CPU set on the target node
items:
type: integer
type: array
x-kubernetes-list-type: atomic
targetDirectMigrationNodePorts:
additionalProperties:
type: integer
description: The list of ports opened for live migration on the destination node
type: object
targetNode:
description: The target node that the VMI is moving to
type: string
targetNodeAddress:
description: The address of the target node to use for the migration
type: string
targetNodeDomainDetected:
description: The Target Node has seen the Domain Start Event
type: boolean
targetNodeDomainReadyTimestamp:
description: The timestamp at which the target node detects the domain is active
format: date-time
type: string
targetNodeTopology:
description: If the VMI requires dedicated CPUs, this field will hold the numa topology on the target node
type: string
targetPod:
description: The target pod that the VMI is moving to
type: string
type: object
phase:
description: VirtualMachineInstanceMigrationPhase is a label for the condition of a VirtualMachineInstanceMigration at the current time.
type: string
phaseTransitionTimestamps:
description: PhaseTransitionTimestamp is the timestamp of when the last phase change occurred
items:
description: VirtualMachineInstanceMigrationPhaseTransitionTimestamp gives a timestamp in relation to when a phase is set on a vmi
properties:
phase:
description: Phase is the status of the VirtualMachineInstanceMigrationPhase in kubernetes world. It is not the VirtualMachineInstanceMigrationPhase status, but partially correlates to it.
type: string
phaseTransitionTimestamp:
description: PhaseTransitionTimestamp is the timestamp of when the phase change occurred
format: date-time
type: string
type: object
type: array
x-kubernetes-list-type: atomic
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}


@@ -0,0 +1,495 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
kubevirt.io/generation: "1"
kubevirt.io/install-strategy-identifier: c51bc47ef3eccba54f764552d24801eb8388b36e
kubevirt.io/install-strategy-registry: quay.io/kubevirt
kubevirt.io/install-strategy-version: v1.0.1
generation: 1
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: ""
name: virtualmachineinstancetypes.instancetype.kubevirt.io
spec:
conversion:
strategy: None
group: instancetype.kubevirt.io
names:
categories:
- all
kind: VirtualMachineInstancetype
listKind: VirtualMachineInstancetypeList
plural: virtualmachineinstancetypes
shortNames:
- vminstancetype
- vminstancetypes
- vmf
- vmfs
singular: virtualmachineinstancetype
scope: Namespaced
versions:
- deprecated: true
deprecationWarning: instancetype.kubevirt.io/v1alpha1 VirtualMachineInstancetypes is now deprecated and will be removed in v1.
name: v1alpha1
schema:
openAPIV3Schema:
description: VirtualMachineInstancetype resource contains quantitative and resource related VirtualMachine configuration that can be used by multiple VirtualMachine resources.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Required spec describing the instancetype
properties:
cpu:
description: Required CPU related attributes of the instancetype.
properties:
dedicatedCPUPlacement:
description: DedicatedCPUPlacement requests the scheduler to place the VirtualMachineInstance on a node with enough dedicated pCPUs and pin the vCPUs to it.
type: boolean
guest:
description: "Required number of vCPUs to expose to the guest. \n The resulting CPU topology being derived from the optional PreferredCPUTopology attribute of CPUPreferences that itself defaults to PreferSockets."
format: int32
type: integer
isolateEmulatorThread:
description: IsolateEmulatorThread requests one more dedicated pCPU to be allocated for the VMI to place the emulator thread on it.
type: boolean
model:
description: Model specifies the CPU model inside the VMI. List of available models https://github.com/libvirt/libvirt/tree/master/src/cpu_map. It is possible to specify special cases like "host-passthrough" to get the same CPU as the node and "host-model" to get CPU closest to the node one. Defaults to host-model.
type: string
numa:
description: NUMA allows specifying settings for the guest NUMA topology
properties:
guestMappingPassthrough:
description: GuestMappingPassthrough will create an efficient guest topology based on host CPUs exclusively assigned to a pod. The created topology ensures that memory and CPUs on the virtual numa nodes never cross boundaries of host numa nodes.
type: object
type: object
realtime:
description: Realtime instructs the virt-launcher to tune the VMI for lower latency, optional for real time workloads
properties:
mask:
description: 'Mask defines the vcpu mask expression that defines which vcpus are used for realtime. Format matches libvirt''s expressions. Example: "0-3,^1","0,2,3","2-3"'
type: string
type: object
required:
- guest
type: object
gpus:
description: Optionally defines any GPU devices associated with the instancetype.
items:
properties:
deviceName:
type: string
name:
description: Name of the GPU device as exposed by a device plugin
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
virtualGPUOptions:
properties:
display:
properties:
enabled:
description: Enabled determines if a display addapter backed by a vGPU should be enabled or disabled on the guest. Defaults to true.
type: boolean
ramFB:
description: Enables a boot framebuffer, until the guest OS loads a real GPU driver Defaults to true.
properties:
enabled:
description: Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.
type: boolean
type: object
type: object
type: object
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
hostDevices:
description: Optionally defines any HostDevices associated with the instancetype.
items:
properties:
deviceName:
description: DeviceName is the resource name of the host device exposed by a device plugin
type: string
name:
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
ioThreadsPolicy:
description: Optionally defines the IOThreadsPolicy to be used by the instancetype.
type: string
launchSecurity:
description: Optionally defines the LaunchSecurity to be used by the instancetype.
properties:
sev:
description: AMD Secure Encrypted Virtualization (SEV).
properties:
policy:
description: 'Guest policy flags as defined in AMD SEV API specification. Note: due to security reasons it is not allowed to enable guest debugging. Therefore NoDebug flag is not exposed to users and is always true.'
properties:
encryptedState:
description: SEV-ES is required. Defaults to false.
type: boolean
type: object
type: object
type: object
memory:
description: Required Memory related attributes of the instancetype.
properties:
guest:
anyOf:
- type: integer
- type: string
description: Required amount of memory which is visible inside the guest OS.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
hugepages:
description: Optionally enables the use of hugepages for the VirtualMachineInstance instead of regular memory.
properties:
pageSize:
description: PageSize specifies the hugepage size, for x86_64 architecture valid values are 1Gi and 2Mi.
type: string
type: object
overcommitPercent:
description: OvercommitPercent is the percentage of the guest memory which will be overcommitted. This means that the VMIs parent pod (virt-launcher) will request less physical memory by a factor specified by the OvercommitPercent. Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. Defaults to 0
maximum: 100
minimum: 0
type: integer
required:
- guest
type: object
required:
- cpu
- memory
type: object
required:
- spec
type: object
served: true
storage: false
- deprecated: true
deprecationWarning: instancetype.kubevirt.io/v1alpha2 VirtualMachineInstancetypes is now deprecated and will be removed in v1.
name: v1alpha2
schema:
openAPIV3Schema:
description: VirtualMachineInstancetype resource contains quantitative and resource related VirtualMachine configuration that can be used by multiple VirtualMachine resources.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Required spec describing the instancetype
properties:
cpu:
description: Required CPU related attributes of the instancetype.
properties:
dedicatedCPUPlacement:
description: DedicatedCPUPlacement requests the scheduler to place the VirtualMachineInstance on a node with enough dedicated pCPUs and pin the vCPUs to it.
type: boolean
guest:
description: "Required number of vCPUs to expose to the guest. \n The resulting CPU topology being derived from the optional PreferredCPUTopology attribute of CPUPreferences that itself defaults to PreferSockets."
format: int32
type: integer
isolateEmulatorThread:
description: IsolateEmulatorThread requests one more dedicated pCPU to be allocated for the VMI to place the emulator thread on it.
type: boolean
model:
description: Model specifies the CPU model inside the VMI. List of available models https://github.com/libvirt/libvirt/tree/master/src/cpu_map. It is possible to specify special cases like "host-passthrough" to get the same CPU as the node and "host-model" to get CPU closest to the node one. Defaults to host-model.
type: string
numa:
description: NUMA allows specifying settings for the guest NUMA topology
properties:
guestMappingPassthrough:
description: GuestMappingPassthrough will create an efficient guest topology based on host CPUs exclusively assigned to a pod. The created topology ensures that memory and CPUs on the virtual numa nodes never cross boundaries of host numa nodes.
type: object
type: object
realtime:
description: Realtime instructs the virt-launcher to tune the VMI for lower latency, optional for real time workloads
properties:
mask:
description: 'Mask defines the vcpu mask expression that defines which vcpus are used for realtime. Format matches libvirt''s expressions. Example: "0-3,^1","0,2,3","2-3"'
type: string
type: object
required:
- guest
type: object
gpus:
description: Optionally defines any GPU devices associated with the instancetype.
items:
properties:
deviceName:
type: string
name:
description: Name of the GPU device as exposed by a device plugin
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
virtualGPUOptions:
properties:
display:
properties:
enabled:
description: Enabled determines if a display addapter backed by a vGPU should be enabled or disabled on the guest. Defaults to true.
type: boolean
ramFB:
description: Enables a boot framebuffer, until the guest OS loads a real GPU driver Defaults to true.
properties:
enabled:
description: Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.
type: boolean
type: object
type: object
type: object
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
hostDevices:
description: Optionally defines any HostDevices associated with the instancetype.
items:
properties:
deviceName:
description: DeviceName is the resource name of the host device exposed by a device plugin
type: string
name:
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
ioThreadsPolicy:
description: Optionally defines the IOThreadsPolicy to be used by the instancetype.
type: string
launchSecurity:
description: Optionally defines the LaunchSecurity to be used by the instancetype.
properties:
sev:
description: AMD Secure Encrypted Virtualization (SEV).
properties:
policy:
description: 'Guest policy flags as defined in AMD SEV API specification. Note: due to security reasons it is not allowed to enable guest debugging. Therefore NoDebug flag is not exposed to users and is always true.'
properties:
encryptedState:
description: SEV-ES is required. Defaults to false.
type: boolean
type: object
type: object
type: object
memory:
description: Required Memory related attributes of the instancetype.
properties:
guest:
anyOf:
- type: integer
- type: string
description: Required amount of memory which is visible inside the guest OS.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
hugepages:
description: Optionally enables the use of hugepages for the VirtualMachineInstance instead of regular memory.
properties:
pageSize:
description: PageSize specifies the hugepage size, for x86_64 architecture valid values are 1Gi and 2Mi.
type: string
type: object
overcommitPercent:
description: OvercommitPercent is the percentage of the guest memory which will be overcommitted. This means that the VMIs parent pod (virt-launcher) will request less physical memory by a factor specified by the OvercommitPercent. Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. Defaults to 0
maximum: 100
minimum: 0
type: integer
required:
- guest
type: object
required:
- cpu
- memory
type: object
required:
- spec
type: object
served: true
storage: false
- name: v1beta1
schema:
openAPIV3Schema:
description: VirtualMachineInstancetype resource contains quantitative and resource related VirtualMachine configuration that can be used by multiple VirtualMachine resources.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Required spec describing the instancetype
properties:
cpu:
description: Required CPU related attributes of the instancetype.
properties:
dedicatedCPUPlacement:
description: DedicatedCPUPlacement requests the scheduler to place the VirtualMachineInstance on a node with enough dedicated pCPUs and pin the vCPUs to it.
type: boolean
guest:
description: "Required number of vCPUs to expose to the guest. \n The resulting CPU topology being derived from the optional PreferredCPUTopology attribute of CPUPreferences that itself defaults to PreferSockets."
format: int32
type: integer
isolateEmulatorThread:
description: IsolateEmulatorThread requests one more dedicated pCPU to be allocated for the VMI to place the emulator thread on it.
type: boolean
model:
description: Model specifies the CPU model inside the VMI. List of available models https://github.com/libvirt/libvirt/tree/master/src/cpu_map. It is possible to specify special cases like "host-passthrough" to get the same CPU as the node and "host-model" to get CPU closest to the node one. Defaults to host-model.
type: string
numa:
description: NUMA allows specifying settings for the guest NUMA topology
properties:
guestMappingPassthrough:
description: GuestMappingPassthrough will create an efficient guest topology based on host CPUs exclusively assigned to a pod. The created topology ensures that memory and CPUs on the virtual numa nodes never cross boundaries of host numa nodes.
type: object
type: object
realtime:
description: Realtime instructs the virt-launcher to tune the VMI for lower latency, optional for real time workloads
properties:
mask:
description: 'Mask defines the vcpu mask expression that defines which vcpus are used for realtime. Format matches libvirt''s expressions. Example: "0-3,^1","0,2,3","2-3"'
type: string
type: object
required:
- guest
type: object
gpus:
description: Optionally defines any GPU devices associated with the instancetype.
items:
properties:
deviceName:
type: string
name:
description: Name of the GPU device as exposed by a device plugin
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
virtualGPUOptions:
properties:
display:
properties:
enabled:
description: Enabled determines if a display addapter backed by a vGPU should be enabled or disabled on the guest. Defaults to true.
type: boolean
ramFB:
description: Enables a boot framebuffer, until the guest OS loads a real GPU driver Defaults to true.
properties:
enabled:
description: Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.
type: boolean
type: object
type: object
type: object
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
hostDevices:
description: Optionally defines any HostDevices associated with the instancetype.
items:
properties:
deviceName:
description: DeviceName is the resource name of the host device exposed by a device plugin
type: string
name:
type: string
tag:
description: If specified, the virtual network interface address and its tag will be provided to the guest via config drive
type: string
required:
- deviceName
- name
type: object
type: array
x-kubernetes-list-type: atomic
ioThreadsPolicy:
description: Optionally defines the IOThreadsPolicy to be used by the instancetype.
type: string
launchSecurity:
description: Optionally defines the LaunchSecurity to be used by the instancetype.
properties:
sev:
description: AMD Secure Encrypted Virtualization (SEV).
properties:
policy:
description: 'Guest policy flags as defined in AMD SEV API specification. Note: due to security reasons it is not allowed to enable guest debugging. Therefore NoDebug flag is not exposed to users and is always true.'
properties:
encryptedState:
description: SEV-ES is required. Defaults to false.
type: boolean
type: object
type: object
type: object
memory:
description: Required Memory related attributes of the instancetype.
properties:
guest:
anyOf:
- type: integer
- type: string
description: Required amount of memory which is visible inside the guest OS.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
hugepages:
description: Optionally enables the use of hugepages for the VirtualMachineInstance instead of regular memory.
properties:
pageSize:
description: PageSize specifies the hugepage size, for x86_64 architecture valid values are 1Gi and 2Mi.
type: string
type: object
overcommitPercent:
description: OvercommitPercent is the percentage of the guest memory which will be overcommitted. This means that the VMIs parent pod (virt-launcher) will request less physical memory by a factor specified by the OvercommitPercent. Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. Defaults to 0
maximum: 100
minimum: 0
type: integer
required:
- guest
type: object
required:
- cpu
- memory
type: object
required:
- spec
type: object
served: true
storage: true


@@ -0,0 +1,152 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
kubevirt.io/generation: "1"
kubevirt.io/install-strategy-identifier: c51bc47ef3eccba54f764552d24801eb8388b36e
kubevirt.io/install-strategy-registry: quay.io/kubevirt
kubevirt.io/install-strategy-version: v1.0.1
generation: 1
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: ""
name: virtualmachinerestores.snapshot.kubevirt.io
spec:
conversion:
strategy: None
group: snapshot.kubevirt.io
names:
categories:
- all
kind: VirtualMachineRestore
listKind: VirtualMachineRestoreList
plural: virtualmachinerestores
shortNames:
- vmrestore
- vmrestores
singular: virtualmachinerestore
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.target.kind
name: TargetKind
type: string
- jsonPath: .spec.target.name
name: TargetName
type: string
- jsonPath: .status.complete
name: Complete
type: boolean
- jsonPath: .status.restoreTime
name: RestoreTime
type: date
- jsonPath: .status.error.message
name: Error
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: VirtualMachineRestore defines the operation of restoring a VM
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VirtualMachineRestoreSpec is the spec for a VirtualMachineRestoreresource
properties:
patches:
description: "If the target for the restore does not exist, it will be created. Patches holds JSON patches that would be applied to the target manifest before it's created. Patches should fit the target's Kind. \n Example for a patch: {\"op\": \"replace\", \"path\": \"/metadata/name\", \"value\": \"new-vm-name\"}"
items:
type: string
type: array
x-kubernetes-list-type: atomic
target:
description: initially only VirtualMachine type supported
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
required:
- kind
- name
type: object
virtualMachineSnapshotName:
type: string
required:
- target
- virtualMachineSnapshotName
type: object
status:
description: VirtualMachineRestoreStatus is the spec for a VirtualMachineRestoreresource
properties:
complete:
type: boolean
conditions:
items:
description: Condition defines conditions
properties:
lastProbeTime:
format: date-time
nullable: true
type: string
lastTransitionTime:
format: date-time
nullable: true
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
description: ConditionType is the const type for Conditions
type: string
required:
- status
- type
type: object
type: array
deletedDataVolumes:
items:
type: string
type: array
restoreTime:
format: date-time
type: string
restores:
items:
description: VolumeRestore contains the data neeed to restore a PVC
properties:
dataVolumeName:
type: string
persistentVolumeClaim:
type: string
volumeName:
type: string
volumeSnapshotName:
type: string
required:
- persistentVolumeClaim
- volumeName
- volumeSnapshotName
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true


@@ -0,0 +1,168 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
kubevirt.io/generation: "1"
kubevirt.io/install-strategy-identifier: c51bc47ef3eccba54f764552d24801eb8388b36e
kubevirt.io/install-strategy-registry: quay.io/kubevirt
kubevirt.io/install-strategy-version: v1.0.1
generation: 1
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: ""
name: virtualmachinesnapshots.snapshot.kubevirt.io
spec:
conversion:
strategy: None
group: snapshot.kubevirt.io
names:
categories:
- all
kind: VirtualMachineSnapshot
listKind: VirtualMachineSnapshotList
plural: virtualmachinesnapshots
shortNames:
- vmsnapshot
- vmsnapshots
singular: virtualmachinesnapshot
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.source.kind
name: SourceKind
type: string
- jsonPath: .spec.source.name
name: SourceName
type: string
- jsonPath: .status.phase
name: Phase
type: string
- jsonPath: .status.readyToUse
name: ReadyToUse
type: boolean
- jsonPath: .status.creationTime
name: CreationTime
type: date
- jsonPath: .status.error.message
name: Error
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: VirtualMachineSnapshot defines the operation of snapshotting a VM
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VirtualMachineSnapshotSpec is the spec for a VirtualMachineSnapshot resource
properties:
deletionPolicy:
description: DeletionPolicy defines that to do with VirtualMachineSnapshot when VirtualMachineSnapshot is deleted
type: string
failureDeadline:
description: This time represents the number of seconds we permit the vm snapshot to take. In case we pass this deadline we mark this snapshot as failed. Defaults to DefaultFailureDeadline - 5min
type: string
source:
description: TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.
properties:
apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being referenced
type: string
name:
description: Name is the name of resource being referenced
type: string
required:
- kind
- name
type: object
required:
- source
type: object
status:
description: VirtualMachineSnapshotStatus is the status for a VirtualMachineSnapshot resource
properties:
conditions:
items:
description: Condition defines conditions
properties:
lastProbeTime:
format: date-time
nullable: true
type: string
lastTransitionTime:
format: date-time
nullable: true
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
description: ConditionType is the const type for Conditions
type: string
required:
- status
- type
type: object
type: array
creationTime:
format: date-time
nullable: true
type: string
error:
description: Error is the last error encountered during the snapshot/restore
properties:
message:
type: string
time:
format: date-time
type: string
type: object
indications:
items:
description: Indication is a way to indicate the state of the vm when taking the snapshot
type: string
type: array
x-kubernetes-list-type: set
phase:
description: VirtualMachineSnapshotPhase is the current phase of the VirtualMachineSnapshot
type: string
readyToUse:
type: boolean
snapshotVolumes:
description: SnapshotVolumesLists includes the list of volumes which were included in the snapshot and volumes which were excluded from the snapshot
properties:
excludedVolumes:
items:
type: string
type: array
x-kubernetes-list-type: set
includedVolumes:
items:
type: string
type: array
x-kubernetes-list-type: set
type: object
sourceUID:
description: UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated.
type: string
virtualMachineSnapshotContentName:
type: string
type: object
required:
- spec
type: object
served: true
storage: true

17
crd/kubevirt/datas.tf Normal file

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

40
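--- a/crd/kubevirt/index.rhai
+++ b/crd/kubevirt/index.rhai
@@ -0,0 +1,40 @@
+const VERSION="3.5.5";
+const SRC=src;
+const DEST=dest;
+const DOIT=config.apply;
+const PURGE=config.purge;
+const crdFiles=[
+"apiextensions.k8s.io_v1_CustomResourceDefinition_kubevirts.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_migrationpolicies.migrations.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachineclones.clone.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachineclusterinstancetypes.instancetype.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachineclusterpreferences.instancetype.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachineexports.export.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachineinstancemigrations.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachineinstancepresets.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachineinstancereplicasets.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachineinstances.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachineinstancetypes.instancetype.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachinepools.pool.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachinepreferences.instancetype.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachinerestores.snapshot.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachines.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachinesnapshotcontents.snapshot.kubevirt.io.yaml",
+"apiextensions.k8s.io_v1_CustomResourceDefinition_virtualmachinesnapshots.snapshot.kubevirt.io.yaml",
+];
+fn pre_install() {
+if ! global::DOIT {
+return;
+}
+for file in global::crdFiles {
+shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
+}
+}
+fn post_destroy() {
+if ! global::PURGE {
+return;
+}
+for file in global::crdFiles {
+shell(`kubectl delete -f ${global::SRC}/${file}`);
+}
+}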
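Review bot: In `pre_install` the `kubectl replace -f … || kubectl create -f …` command falls through to `create` on every `replace` failure, not only when the CRD is absent, so a validation, RBAC or conflict error surfaces as an AlreadyExists message from the second command and the real cause is lost. A single idempotent command such as `kubectl apply --server-side -f ${global::SRC}/${file}` removes the fallback and also avoids the annotation size limit that large CRDs hit with client-side apply. Nothing visible here inspects what `shell()` returns, so if it reports an exit status the loop should stop on the first failure instead of continuing with a partially installed CRD set. `post_destroy` deserves a comment above its loop, for example `// Deleting a CRD also deletes every object of that kind in all namespaces (VMs, snapshots, restores).`. `VERSION="3.5.5"` is not read in this file and does not match the `kubevirt.io/install-strategy-version: v1.0.1` annotation carried by the CRD manifests, so it looks copied from another component.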

21
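--- a/crd/kubevirt/index.yaml
+++ b/crd/kubevirt/index.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: vinyl.solidite.fr/v1beta1
+kind: Component
+category: crd
+metadata:
+name: kubevirt
+description: CRD for kube-virt
+options:
+apply:
+default: true
+examples:
+- true
+type: boolean
+purge:
+default: false
+examples:
+- false
+type: boolean
+dependencies: []
+providers: null
+tfaddtype: null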
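Review bot: The `purge` option is declared with no explanation, although crd/kubevirt/index.rhai uses it to make `post_destroy` run `kubectl delete` on every KubeVirt CRD file, and deleting a CRD removes all objects of that kind across the cluster. A comment above the option would make that cost visible to whoever flips it: `# purge: true deletes the KubeVirt CRDs on destroy, and with them every VM, snapshot and restore object`. The `apiVersion` group is spelled `vinyl.solidite.fr` here while the labels in crd/kubevirt/datas.tf use `vynil.solidite.fr`; it is worth confirming that the difference is intended.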


@@ -18,10 +18,46 @@ locals {
crd-flux = { for k, v in var.crds.flux : k => v if k!="enable" }
crd-tekton_pipelines = { for k, v in var.crds.tekton_pipelines : k => v if k!="enable" }
crd-tekton_triggers = { for k, v in var.crds.tekton_triggers : k => v if k!="enable" }
crd-kubevirt = { for k, v in var.crds.kubevirt : k => v if k!="enable" }
crd-cdi = { for k, v in var.crds.cdi : k => v if k!="enable" }
}
resource "kubectl_manifest" "crd-kubevirt" {
count = (var.crds.kubevirt.enable || var.virt.enable && var.virt.kubevirt.enable) ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "crd-kubevirt"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.component}"
category: "crd"
component: "kubevirt"
options: ${jsonencode(local.crd-kubevirt)}
EOF
}
resource "kubectl_manifest" "crd-cdi" {
count = (var.crds.cdi.enable || var.virt.enable && var.virt.cdi.enable) ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "crd-cdi"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.component}"
category: "crd"
component: "cdi"
options: ${jsonencode(local.crd-cdi)}
EOF
}
resource "kubectl_manifest" "crd-tekton_pipelines" {
count = (var.crds.tekton_pipelines.enable || var.tekton.tekton_pipelines.enable) ? 1 : 0
count = (var.crds.tekton_pipelines.enable || var.tekton.enable && var.tekton.tekton_pipelines.enable) ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
@@ -38,7 +74,7 @@ resource "kubectl_manifest" "crd-tekton_pipelines" {
}
resource "kubectl_manifest" "crd-tekton_triggers" {
count = (var.crds.tekton_triggers.enable || var.tekton.tekton_triggers.enable) ? 1 : 0
count = (var.crds.tekton_triggers.enable || var.tekton.enable && var.tekton.tekton_triggers.enable) ? 1 : 0
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
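Review bot: The new `count` expressions mix `||` and `&&` without grouping, e.g. `var.crds.kubevirt.enable || var.virt.enable && var.virt.kubevirt.enable` on `crd-kubevirt`, and the same shape on `crd-cdi` and both tekton CRD resources. Terraform binds `&&` tighter than `||`, so the result is presumably what was intended, but a reader has to know that to see that `crds.*.enable` alone still installs the CRDs. I would write the grouping out: `count = (var.crds.kubevirt.enable || (var.virt.enable && var.virt.kubevirt.enable)) ? 1 : 0`. The resource bodies in the second hunk continue outside it.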


@@ -6,20 +6,214 @@ metadata:
name: addons
description: addons meta-component installing all the addons components
options:
olm:
crds:
default:
enable: false
namespace: olm
argo-cd:
enable: false
argo-events:
enable: false
argo-workflows:
enable: false
cdi:
enable: false
fission:
enable: false
flux:
enable: false
jaeger:
enable: false
keda:
enable: false
kubevirt:
enable: false
minio:
enable: false
olm:
enable: false
opentelemetry:
enable: false
prometheus:
enable: false
tekton_pipelines:
enable: false
tekton_triggers:
enable: false
volumesnapshot:
enable: false
whereabouts:
enable: false
examples:
- enable: false
namespace: olm
- argo-cd:
enable: false
argo-events:
enable: false
argo-workflows:
enable: false
cdi:
enable: false
fission:
enable: false
flux:
enable: false
jaeger:
enable: false
keda:
enable: false
kubevirt:
enable: false
minio:
enable: false
olm:
enable: false
opentelemetry:
enable: false
prometheus:
enable: false
tekton_pipelines:
enable: false
tekton_triggers:
enable: false
volumesnapshot:
enable: false
whereabouts:
enable: false
properties:
enable:
default: false
type: boolean
namespace:
default: olm
type: string
argo-cd:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
argo-events:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
argo-workflows:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
cdi:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
fission:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
flux:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
jaeger:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
keda:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
kubevirt:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
minio:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
olm:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
opentelemetry:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
prometheus:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
tekton_pipelines:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
tekton_triggers:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
volumesnapshot:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
whereabouts:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
type: object
flux:
default:
@@ -36,40 +230,6 @@ options:
default: flux
type: string
type: object
tools:
default:
keda:
enable: false
namespace: vynil-addons
node_problem_detector:
enable: false
examples:
- keda:
enable: false
namespace: vynil-addons
node_problem_detector:
enable: false
properties:
keda:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
namespace:
default: vynil-addons
type: string
node_problem_detector:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
type: object
monitor:
default:
jaeger:
@@ -116,24 +276,75 @@ options:
type: boolean
type: object
type: object
olm:
default:
enable: false
namespace: olm
examples:
- enable: false
namespace: olm
properties:
enable:
default: false
type: boolean
namespace:
default: olm
type: string
type: object
tekton:
default:
enable: false
namespace: tekton
tekton_pipelines:
enable: false
enable: true
tekton_triggers:
enable: false
enable: true
examples:
- namespace: tekton
- enable: false
namespace: tekton
tekton_pipelines:
enable: false
enable: true
tekton_triggers:
enable: false
enable: true
properties:
enable:
default: false
type: boolean
namespace:
default: tekton
type: string
tekton_pipelines:
default:
enable: true
properties:
enable:
default: true
type: boolean
type: object
tekton_triggers:
default:
enable: true
properties:
enable:
default: true
type: boolean
type: object
type: object
tools:
default:
keda:
enable: false
namespace: vynil-addons
node_problem_detector:
enable: false
examples:
- keda:
enable: false
namespace: vynil-addons
node_problem_detector:
enable: false
properties:
keda:
default:
enable: false
properties:
@@ -141,7 +352,10 @@ options:
default: false
type: boolean
type: object
tekton_triggers:
namespace:
default: vynil-addons
type: string
node_problem_detector:
default:
enable: false
properties:
@@ -150,190 +364,44 @@ options:
type: boolean
type: object
type: object
crds:
virt:
default:
argo-cd:
enable: false
argo-events:
enable: false
argo-workflows:
enable: false
fission:
enable: false
flux:
enable: false
jaeger:
enable: false
keda:
enable: false
minio:
enable: false
olm:
enable: false
opentelemetry:
enable: false
prometheus:
enable: false
tekton_pipelines:
enable: false
tekton_triggers:
enable: false
volumesnapshot:
enable: false
whereabouts:
enable: false
cdi:
enable: true
enable: false
kubevirt:
enable: true
namespace: vynil-virt
examples:
- argo-cd:
enable: false
argo-events:
enable: false
argo-workflows:
enable: false
fission:
enable: false
flux:
enable: false
jaeger:
enable: false
keda:
enable: false
minio:
enable: false
olm:
enable: false
opentelemetry:
enable: false
prometheus:
enable: false
tekton_pipelines:
enable: false
tekton_triggers:
enable: false
volumesnapshot:
enable: false
whereabouts:
enable: false
- cdi:
enable: true
enable: false
kubevirt:
enable: true
namespace: vynil-virt
properties:
argo-cd:
cdi:
default:
enable: false
enable: true
properties:
enable:
default: false
default: true
type: boolean
type: object
argo-events:
enable:
default: false
type: boolean
kubevirt:
default:
enable: false
enable: true
properties:
enable:
default: false
type: boolean
type: object
argo-workflows:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
fission:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
flux:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
jaeger:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
keda:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
minio:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
olm:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
opentelemetry:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
prometheus:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
tekton_pipelines:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
tekton_triggers:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
volumesnapshot:
default:
enable: false
properties:
enable:
default: false
type: boolean
type: object
whereabouts:
default:
enable: false
properties:
enable:
default: false
default: true
type: boolean
type: object
namespace:
default: vynil-virt
type: string
type: object
dependencies: []
providers:


@@ -4,7 +4,7 @@ locals {
}
resource "kubernetes_namespace_v1" "tekton-ns" {
count = ( var.tekton.tekton_pipelines.enable || var.tekton.tekton_triggers.enable)? 1 : 0
count = var.tekton.enable && ( var.tekton.tekton_pipelines.enable || var.tekton.tekton_triggers.enable)? 1 : 0
metadata {
annotations = local.annotations
labels = local.common-labels
@@ -13,7 +13,7 @@ resource "kubernetes_namespace_v1" "tekton-ns" {
}
resource "kubectl_manifest" "tekton_pipelines" {
count = var.tekton.tekton_pipelines.enable ? 1 : 0
count = var.tekton.enable && var.tekton.tekton_pipelines.enable ? 1 : 0
depends_on = [kubernetes_namespace_v1.tekton-ns]
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
@@ -31,7 +31,7 @@ resource "kubectl_manifest" "tekton_pipelines" {
}
resource "kubectl_manifest" "tekton_triggers" {
count = var.tekton.tekton_triggers.enable ? 1 : 0
count = var.tekton.enable && var.tekton.tekton_triggers.enable ? 1 : 0
depends_on = [kubernetes_namespace_v1.tekton-ns]
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
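Review bot: Gating all three resources on `var.tekton.enable` changes what an existing configuration produces: a deployment that set only `tekton.tekton_pipelines.enable` or `tekton.tekton_triggers.enable` now evaluates `count` to 0 unless `tekton.enable` is also set, and the option schema in this commit appears to default that flag to `false`. On the next apply Terraform would then plan to destroy the `Install` objects and the `tekton-ns` namespace instead of leaving them in place. This deserves a line in the commit description or release notes. The namespace condition would also read more clearly with explicit grouping, `count = (var.tekton.enable && (var.tekton.tekton_pipelines.enable || var.tekton.tekton_triggers.enable)) ? 1 : 0`. The resource bodies continue outside the hunks.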

49
meta/addons/virt.tf Normal file

@@ -0,0 +1,49 @@
locals {
cdi = { for k, v in var.virt.cdi : k => v if k!="enable" }
kubevirt = { for k, v in var.virt.kubevirt : k => v if k!="enable" }
}
resource "kubernetes_namespace_v1" "virt-ns" {
count = var.virt.enable && ( var.virt.cdi.enable || var.virt.kubevirt.enable)? 1 : 0
metadata {
annotations = local.annotations
labels = local.common-labels
name = var.virt.namespace
}
}
resource "kubectl_manifest" "cdi" {
count = var.virt.enable && var.virt.cdi.enable ? 1 : 0
depends_on = [kubernetes_namespace_v1.virt-ns]
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "cdi"
namespace: "${var.virt.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.component}"
category: "virt"
component: "cdi"
options: ${jsonencode(local.cdi)}
EOF
}
resource "kubectl_manifest" "kubevirt" {
count = var.virt.enable && var.virt.kubevirt.enable ? 1 : 0
depends_on = [kubernetes_namespace_v1.virt-ns]
yaml_body = <<-EOF
apiVersion: "vynil.solidite.fr/v1"
kind: "Install"
metadata:
name: "kubevirt"
namespace: "${var.virt.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
distrib: "${var.component}"
category: "virt"
component: "kubevirt"
options: ${jsonencode(local.kubevirt)}
EOF
}


@@ -0,0 +1,37 @@
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/cdi-apiserver-server-cert"
labels:
cdi.kubevirt.io: cdi-api
name: cdi-api-datavolume-mutate
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: cdi-api
namespace: "{{ namespace }}"
path: /datavolume-mutate
port: 443
failurePolicy: Fail
matchPolicy: Exact
name: datavolume-mutate.cdi.kubevirt.io
namespaceSelector: {}
objectSelector: {}
reinvocationPolicy: Never
rules:
- apiGroups:
- cdi.kubevirt.io
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- datavolumes
scope: '*'
sideEffects: None
timeoutSeconds: 30
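Review bot: `failurePolicy: Fail` with `timeoutSeconds: 30` and empty `namespaceSelector`/`objectSelector` makes this webhook fail closed for every namespace, while its only backend is the `cdi-api` service, whose `cdi-apiserver` Deployment in this commit runs `replicas: 1`. The five validating configurations that follow (`cdi-api-dataimportcron-validate`, `cdi-api-datavolume-validate`, `cdi-api-populator-validate`, `cdi-api-validate`, `objecttransfer-api-validate`) share the same settings. Whenever that pod is unavailable, or before cert-manager has injected the CA named in `cert-manager.io/inject-ca-from`, requests on the matched `cdi.kubevirt.io` resources are rejected; `cdi-api-validate` matches `DELETE` on `cdis`, which could get in the way of an uninstall. Failing closed is the right default for admission control, so I would keep it and document the dependency with a comment such as `# fail-closed: needs cdi-apiserver up and the CA injected by cert-manager`, plus a note on removal order for the `cdis` webhook.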


@@ -0,0 +1,36 @@
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/cdi-apiserver-server-cert"
labels:
cdi.kubevirt.io: cdi-api
name: cdi-api-dataimportcron-validate
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: cdi-api
namespace: "{{ namespace }}"
path: /dataimportcron-validate
port: 443
failurePolicy: Fail
matchPolicy: Exact
name: dataimportcron-validate.cdi.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- cdi.kubevirt.io
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- dataimportcrons
scope: '*'
sideEffects: None
timeoutSeconds: 30


@@ -0,0 +1,36 @@
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/cdi-apiserver-server-cert"
labels:
cdi.kubevirt.io: cdi-api
name: cdi-api-datavolume-validate
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: cdi-api
namespace: "{{ namespace }}"
path: /datavolume-validate
port: 443
failurePolicy: Fail
matchPolicy: Exact
name: datavolume-validate.cdi.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- cdi.kubevirt.io
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- datavolumes
scope: '*'
sideEffects: None
timeoutSeconds: 30


@@ -0,0 +1,37 @@
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/cdi-apiserver-server-cert"
labels:
cdi.kubevirt.io: cdi-api
name: cdi-api-populator-validate
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: cdi-api
namespace: "{{ namespace }}"
path: /populator-validate
port: 443
failurePolicy: Fail
matchPolicy: Exact
name: populator-validate.cdi.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- cdi.kubevirt.io
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- volumeimportsources
- volumeuploadsources
scope: '*'
sideEffects: None
timeoutSeconds: 30


@@ -0,0 +1,35 @@
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/cdi-apiserver-server-cert"
labels:
cdi.kubevirt.io: cdi-api
name: cdi-api-validate
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: cdi-api
namespace: "{{ namespace }}"
path: /cdi-validate
port: 443
failurePolicy: Fail
matchPolicy: Exact
name: cdi-validate.cdi.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- cdi.kubevirt.io
apiVersions:
- v1beta1
operations:
- DELETE
resources:
- cdis
scope: '*'
sideEffects: None
timeoutSeconds: 30


@@ -0,0 +1,36 @@
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/cdi-apiserver-server-cert"
labels:
cdi.kubevirt.io: cdi-api
name: objecttransfer-api-validate
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: cdi-api
namespace: "{{ namespace }}"
path: /objecttransfer-validate
port: 443
failurePolicy: Fail
matchPolicy: Exact
name: objecttransfer-validate.cdi.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- cdi.kubevirt.io
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- objecttransfers
scope: '*'
sideEffects: None
timeoutSeconds: 30


@@ -0,0 +1,17 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/cdi-apiserver-server-cert"
labels:
cdi.kubevirt.io: cdi-api
name: v1beta1.upload.cdi.kubevirt.io
spec:
group: upload.cdi.kubevirt.io
groupPriorityMinimum: 1000
service:
name: cdi-api
namespace: "{{ namespace }}"
port: 443
version: v1beta1
versionPriority: 15


@@ -0,0 +1,108 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: cdi-apiserver
name: cdi-apiserver
namespace: "{{ namespace }}"
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
cdi.kubevirt.io: cdi-apiserver
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: cdi-apiserver
spec:
containers:
- args:
- -v=1
env:
- name: INSTALLER_PART_OF_LABEL
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.labels['app.kubernetes.io/part-of']
- name: INSTALLER_VERSION_LABEL
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.labels['app.kubernetes.io/version']
image: quay.io/kubevirt/cdi-apiserver@sha256:e9e39408413b1478d2e98eba68913f9e20c93000558b190b47de73bdfd1d9ac4
imagePullPolicy: IfNotPresent
name: cdi-apiserver
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 8443
scheme: HTTPS
initialDelaySeconds: 2
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 10m
memory: 150Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/certs/cdi-apiserver-signer-bundle
name: ca-bundle
readOnly: true
- mountPath: /var/run/certs/cdi-apiserver-server-cert
name: server-cert
readOnly: true
dnsPolicy: ClusterFirst
nodeSelector:
kubernetes.io/os: linux
priorityClassName: cdi-cluster-critical
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
serviceAccount: cdi-apiserver
serviceAccountName: cdi-apiserver
terminationGracePeriodSeconds: 30
tolerations:
- key: CriticalAddonsOnly
operator: Exists
volumes:
- secret:
defaultMode: 420
items:
- key: ca.crt
path: ca-bundle.crt
secretName: cdi-apiserver-server-cert
name: ca-bundle
- name: server-cert
secret:
defaultMode: 420
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
secretName: cdi-apiserver-server-cert


@@ -0,0 +1,155 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: containerized-data-importer
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
prometheus.cdi.kubevirt.io: "true"
name: cdi-deployment
namespace: "{{ namespace }}"
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: containerized-data-importer
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: containerized-data-importer
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
prometheus.cdi.kubevirt.io: "true"
spec:
containers:
- args:
- -v=1
env:
- name: IMPORTER_IMAGE
value: quay.io/kubevirt/cdi-importer@sha256:3143bbc67cdc6267eb48b7eaac664b8551ac4c11401dfbf4921efd3f233e6ce9
- name: CLONER_IMAGE
value: quay.io/kubevirt/cdi-cloner@sha256:9d31b14f23259398c5bac636f5ead13ad0afd6fe8eeab4499e8e047b4d85074f
- name: UPLOADSERVER_IMAGE
value: quay.io/kubevirt/cdi-uploadserver@sha256:30f1827d3696cf996b081c22c3267ca78e7219c872fdb54950198fa54359f6ee
- name: UPLOADPROXY_SERVICE
value: cdi-uploadproxy
- name: PULL_POLICY
value: IfNotPresent
- name: INSTALLER_PART_OF_LABEL
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.labels['app.kubernetes.io/part-of']
- name: INSTALLER_VERSION_LABEL
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.labels['app.kubernetes.io/version']
image: quay.io/kubevirt/cdi-controller@sha256:27c47883a08226f83757971d3adafb0cd9bcb26e58fbcf7208236070e0adf37e
imagePullPolicy: IfNotPresent
name: cdi-controller
ports:
- containerPort: 8080
name: metrics
protocol: TCP
readinessProbe:
exec:
command:
- cat
- /tmp/ready
failureThreshold: 3
initialDelaySeconds: 2
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 10m
memory: 150Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/cdi/token/keys
name: cdi-api-signing-key
- mountPath: /var/run/certs/cdi-uploadserver-signer
name: uploadserver-ca-cert
- mountPath: /var/run/certs/cdi-uploadserver-client-signer
name: uploadserver-client-ca-cert
- mountPath: /var/run/ca-bundle/cdi-uploadserver-signer-bundle
name: uploadserver-ca-bundle
- mountPath: /var/run/ca-bundle/cdi-uploadserver-client-signer-bundle
name: uploadserver-client-ca-bundle
dnsPolicy: ClusterFirst
nodeSelector:
kubernetes.io/os: linux
priorityClassName: cdi-cluster-critical
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
serviceAccount: cdi-sa
serviceAccountName: cdi-sa
terminationGracePeriodSeconds: 30
tolerations:
- key: CriticalAddonsOnly
operator: Exists
volumes:
- name: cdi-api-signing-key
secret:
defaultMode: 420
items:
- key: publickey.pem
path: id_rsa.pub
- key: privatekey.pem
path: id_rsa
secretName: cdi-api-signing-key
- name: uploadserver-ca-cert
secret:
defaultMode: 420
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
secretName: cdi-uploadserver-signer
- name: uploadserver-client-ca-cert
secret:
defaultMode: 420
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
secretName: cdi-uploadserver-client-signer
- secret:
defaultMode: 420
items:
- key: tls.crt
path: ca-bundle.crt
secretName: cdi-uploadserver-signer
name: uploadserver-ca-bundle
- secret:
defaultMode: 420
items:
- key: tls.crt
path: ca-bundle.crt
secretName: cdi-uploadserver-client-signer
name: uploadserver-client-ca-bundle


@@ -0,0 +1,105 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: cdi-uploadproxy
name: cdi-uploadproxy
namespace: "{{ namespace }}"
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
cdi.kubevirt.io: cdi-uploadproxy
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: cdi-uploadproxy
spec:
containers:
- args:
- -v=1
env:
- name: APISERVER_PUBLIC_KEY
valueFrom:
secretKeyRef:
key: publickey.pem
name: cdi-api-signing-key
image: quay.io/kubevirt/cdi-uploadproxy@sha256:551221d79902a5053d1c734b81163d69f087217e2ac13c49bdf6900336ef0786
imagePullPolicy: IfNotPresent
name: cdi-uploadproxy
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 8443
scheme: HTTPS
initialDelaySeconds: 2
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 10m
memory: 150Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/certs/cdi-uploadproxy-server-cert
name: server-cert
readOnly: true
- mountPath: /var/run/certs/cdi-uploadserver-client-cert
name: client-cert
readOnly: true
dnsPolicy: ClusterFirst
nodeSelector:
kubernetes.io/os: linux
priorityClassName: cdi-cluster-critical
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
serviceAccount: cdi-uploadproxy
serviceAccountName: cdi-uploadproxy
terminationGracePeriodSeconds: 30
tolerations:
- key: CriticalAddonsOnly
operator: Exists
volumes:
- name: server-cert
secret:
defaultMode: 420
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
secretName: cdi-uploadproxy-server-cert
- name: client-cert
secret:
defaultMode: 420
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
secretName: cdi-uploadserver-client-cert


@@ -0,0 +1,7 @@
apiVersion: cdi.kubevirt.io/v1beta1
kind: CDIConfig
metadata:
name: config
spec:
featureGates:
- HonorWaitForFirstConsumer


@@ -0,0 +1,18 @@
apiVersion: cdi.kubevirt.io/v1beta1
kind: CDI
metadata:
name: cdi
spec:
config:
featureGates:
- HonorWaitForFirstConsumer
imagePullPolicy: IfNotPresent
infra:
nodeSelector:
kubernetes.io/os: linux
tolerations:
- key: CriticalAddonsOnly
operator: Exists
workload:
nodeSelector:
kubernetes.io/os: linux

187
virt/cdi/certs.tf Normal file

@@ -0,0 +1,187 @@
resource "kubectl_manifest" "issuer" {
yaml_body = <<-EOF
apiVersion: "cert-manager.io/v1"
kind: "Issuer"
metadata:
name: "cdi-selfsigned"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
selfSigned: {}
EOF
}
resource "kubectl_manifest" "cdi-apiserver-signer-cert" {
yaml_body = <<-EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: cdi-apiserver-signer
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
isCA: true
duration: "${var.duration}"
commonName: "cdi-apiserver-signer"
secretName: cdi-apiserver-signer
issuerRef:
name: cdi-selfsigned
EOF
}
resource "kubectl_manifest" "cdi-uploadproxy-signer-cert" {
yaml_body = <<-EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: cdi-uploadproxy-signer
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
isCA: true
duration: "${var.duration}"
commonName: "cdi-uploadproxy-signer"
secretName: cdi-uploadproxy-signer
issuerRef:
name: cdi-selfsigned
EOF
}
resource "kubectl_manifest" "cdi-uploadserver-client-signer-cert" {
yaml_body = <<-EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: cdi-uploadserver-client-signer
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
isCA: true
duration: "${var.duration}"
commonName: "cdi-uploadserver-client-signer"
secretName: cdi-uploadserver-client-signer
issuerRef:
name: cdi-selfsigned
EOF
}
resource "kubectl_manifest" "cdi-uploadserver-signer-cert" {
yaml_body = <<-EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: cdi-uploadserver-signer
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
isCA: true
duration: "${var.duration}"
commonName: "cdi-uploadserver-signer"
secretName: cdi-uploadserver-signer
issuerRef:
name: cdi-selfsigned
EOF
}
resource "kubectl_manifest" "cdi-uploadproxy-signer" {
yaml_body = <<-EOF
apiVersion: "cert-manager.io/v1"
kind: "Issuer"
metadata:
name: "cdi-uploadproxy-signer"
namespace: ${var.namespace}
labels: ${jsonencode(local.common-labels)}
spec:
ca:
secretName: "cdi-uploadproxy-signer"
EOF
}
resource "kubectl_manifest" "cdi-uploadserver-client-signer" {
yaml_body = <<-EOF
apiVersion: "cert-manager.io/v1"
kind: "Issuer"
metadata:
name: "cdi-uploadserver-client-signer"
namespace: ${var.namespace}
labels: ${jsonencode(local.common-labels)}
spec:
ca:
secretName: "cdi-uploadserver-client-signer"
EOF
}
resource "kubectl_manifest" "cdi-apiserver-signer" {
yaml_body = <<-EOF
apiVersion: "cert-manager.io/v1"
kind: "Issuer"
metadata:
name: "cdi-apiserver-signer"
namespace: ${var.namespace}
labels: ${jsonencode(local.common-labels)}
spec:
ca:
secretName: "cdi-apiserver-signer"
EOF
}
resource "kubectl_manifest" "cdi-apiserver-server-cert" {
yaml_body = <<-EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: "cdi-apiserver-server-cert"
labels: ${jsonencode(local.common-labels)}
namespace: ${var.namespace}
spec:
dnsNames:
- cdi-api
- cdi-api.${var.namespace}
- cdi-api.${var.namespace}.svc
- cdi-api.${var.namespace}.svc.cluster.local
issuerRef:
kind: Issuer
name: cdi-apiserver-signer
secretName: cdi-apiserver-server-cert
subject:
organizationalUnits:
- cdi-api
EOF
}
resource "kubectl_manifest" "cdi-uploadproxy-server-cert" {
yaml_body = <<-EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: "cdi-uploadproxy-server-cert"
labels: ${jsonencode(local.common-labels)}
namespace: ${var.namespace}
spec:
dnsNames:
- cdi-uploadproxy
- cdi-uploadproxy.${var.namespace}
- cdi-uploadproxy.${var.namespace}.svc
- cdi-uploadproxy.${var.namespace}.svc.cluster.local
issuerRef:
kind: Issuer
name: cdi-uploadproxy-signer
secretName: cdi-uploadproxy-server-cert
subject:
organizationalUnits:
- cdi-uploadproxy
EOF
}
resource "kubectl_manifest" "cdi-uploadserver-client-cert" {
yaml_body = <<-EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: "cdi-uploadserver-client-cert"
labels: ${jsonencode(local.common-labels)}
namespace: ${var.namespace}
spec:
usages:
- digital signature
- client auth
commonName: "cdi-uploadserver-client-cert"
issuerRef:
kind: Issuer
name: cdi-uploadserver-client-signer
secretName: cdi-uploadserver-client-cert
subject:
organizationalUnits:
- cdi-uploadserver-client
EOF
}
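Review bot: The four signer certificates (`cdi-apiserver-signer`, `cdi-uploadproxy-signer`, `cdi-uploadserver-client-signer`, `cdi-uploadserver-signer`) take `duration: "${var.duration}"`, which the component's `index.yaml` defaults to `87660h`, and none of them sets `renewBefore` or `privateKey`. That leaves each CA key in a namespace Secret for roughly ten years, and the controller Deployment in this commit mounts two of those `tls.key` files. I would give the signers a shorter default and an explicit `privateKey:` block with `rotationPolicy: Always`, and set `usages` on the two server certificates the way `cdi-uploadserver-client-cert` already does. Separately, `namespace: ${var.namespace}` is unquoted in the three CA `Issuer` manifests and the three leaf certificates while the other manifests quote it; `namespace: "${var.namespace}"` keeps an all-digit namespace from being read as a number.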

32
virt/cdi/datas.tf Normal file

@@ -0,0 +1,32 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
resources = [for file in fileset(path.module, "*.yaml"): file if file != "index.yaml"]
images {
name = "quay.io/kubevirt/cdi-apiserver"
new_name = "${var.images.apiserver.registry}/${var.images.apiserver.repository}"
new_tag = "${var.images.apiserver.tag}"
}
images {
name = "quay.io/kubevirt/cdi-controller"
new_name = "${var.images.controller.registry}/${var.images.controller.repository}"
new_tag = "${var.images.controller.tag}"
}
images {
name = "quay.io/kubevirt/cdi-uploadproxy"
new_name = "${var.images.uploadproxy.registry}/${var.images.uploadproxy.repository}"
new_tag = "${var.images.uploadproxy.tag}"
}
}
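Review bot: Each `images` block sets `new_tag`, while the manifests in this commit reference these three images by digest (`quay.io/kubevirt/cdi-apiserver@sha256:…` and likewise for the controller and upload proxy). As far as I can tell the kustomize image transformer drops the digest when a new tag is given, so the rendered Deployments would run the mutable `v1.59.0` tag instead of the pinned content hash. I would expose a digest in the `images` option and pass it through the overlay's `digest` argument (if the pinned provider version has it), keeping the tag only for readability. The override also leaves `IMPORTER_IMAGE`, `CLONER_IMAGE` and `UPLOADSERVER_IMAGE` in the `cdi-controller` environment untouched, so those workloads still pull from `quay.io` when `registry` points at a mirror.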

6
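--- a/virt/cdi/index.rhai
+++ b/virt/cdi/index.rhai
@@ -0,0 +1,6 @@
+const DEST=dest;
+fn pre_install() {
+shell(`openssl genrsa -out ${global::DEST}/privatekey.pem 4096`);
+shell(`openssl rsa -in ${global::DEST}/privatekey.pem -pubout -out ${global::DEST}/publickey.pem`);
+shell(`kubectl get secret -n $NAMESPACE cdi-api-signing-key|| kubectl create secret generic -n $NAMESPACE cdi-api-signing-key --from-file=privatekey.pem=${global::DEST}/privatekey.pem --from-file=publickey.pem=${global::DEST}/publickey.pem`);
+}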
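Review bot: `pre_install` generates a new 4096-bit key into `${global::DEST}` on every run, before it checks whether `cdi-api-signing-key` already exists, and never removes `privatekey.pem` afterwards. The signing private key therefore stays on disk in the working directory, and after a re-run the file no longer matches the key stored in the cluster. I would run the two `openssl` calls only when the `kubectl get secret` check fails, write the files under a restrictive umask, and finish with `rm -f ${global::DEST}/privatekey.pem ${global::DEST}/publickey.pem`. `$NAMESPACE` should also be quoted inside the shell string (`-n "$NAMESPACE"`).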

110
virt/cdi/index.yaml Normal file

@@ -0,0 +1,110 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: virt
metadata:
name: cdi
description: Containerized Data Importer
options:
duration:
default: 87660h
examples:
- 87660h
type: string
images:
default:
apiserver:
registry: quay.io
repository: kubevirt/cdi-apiserver
tag: v1.59.0
controller:
registry: quay.io
repository: kubevirt/cdi-controller
tag: v1.59.0
uploadproxy:
registry: quay.io
repository: kubevirt/cdi-uploadproxy
tag: v1.59.0
examples:
- apiserver:
registry: quay.io
repository: kubevirt/cdi-apiserver
tag: v1.59.0
controller:
registry: quay.io
repository: kubevirt/cdi-controller
tag: v1.59.0
uploadproxy:
registry: quay.io
repository: kubevirt/cdi-uploadproxy
tag: v1.59.0
properties:
apiserver:
default:
registry: quay.io
repository: kubevirt/cdi-apiserver
tag: v1.59.0
properties:
registry:
default: quay.io
type: string
repository:
default: kubevirt/cdi-apiserver
type: string
tag:
default: v1.59.0
type: string
type: object
controller:
default:
registry: quay.io
repository: kubevirt/cdi-controller
tag: v1.59.0
properties:
registry:
default: quay.io
type: string
repository:
default: kubevirt/cdi-controller
type: string
tag:
default: v1.59.0
type: string
type: object
uploadproxy:
default:
registry: quay.io
repository: kubevirt/cdi-uploadproxy
tag: v1.59.0
properties:
registry:
default: quay.io
type: string
repository:
default: kubevirt/cdi-uploadproxy
type: string
tag:
default: v1.59.0
type: string
type: object
type: object
dependencies:
- dist: null
category: core
component: cert-manager
- dist: null
category: core
component: secret-generator
- dist: null
category: crd
component: cdi
providers:
kubernetes: true
authentik: null
kubectl: true
postgresql: null
mysql: null
restapi: null
http: null
gitea: null
tfaddtype: null


@@ -0,0 +1,79 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
prometheus.cdi.kubevirt.io: "true"
name: prometheus-cdi-rules
namespace: "{{ namespace }}"
spec:
groups:
- name: cdi.rules
rules:
- expr: sum(up{namespace='{{ namespace }}', pod=~'cdi-operator-.*'} or vector(0))
record: kubevirt_cdi_operator_up_total
- expr: count(kube_pod_container_status_restarts_total{pod=~'importer-.*', container='importer'} > 3)
record: kubevirt_cdi_import_dv_unusual_restartcount_total
- expr: count(kube_pod_container_status_restarts_total{pod=~'cdi-upload-.*', container='cdi-upload-server'} > 3)
record: kubevirt_cdi_upload_dv_unusual_restartcount_total
- expr: count(kube_pod_container_status_restarts_total{pod=~'.*-source-pod', container='cdi-clone-source'} > 3)
record: kubevirt_cdi_clone_dv_unusual_restartcount_total
- expr: sum(kubevirt_cdi_dataimportcron_outdated or vector(0))
record: kubevirt_cdi_dataimportcron_outdated_total
- alert: CDIOperatorDown
annotations:
runbook_url: https://kubevirt.io/monitoring/runbooks/CDIOperatorDown
summary: CDI operator is down
expr: kubevirt_cdi_operator_up_total == 0
for: 5m
labels:
kubernetes_operator_component: containerized-data-importer
kubernetes_operator_part_of: kubevirt
operator_health_impact: critical
severity: warning
- alert: CDINotReady
annotations:
runbook_url: https://kubevirt.io/monitoring/runbooks/CDINotReady
summary: CDI is not available to use
expr: kubevirt_cdi_cr_ready == 0
for: 5m
labels:
kubernetes_operator_component: containerized-data-importer
kubernetes_operator_part_of: kubevirt
operator_health_impact: critical
severity: warning
- alert: CDIDataVolumeUnusualRestartCount
annotations:
runbook_url: https://kubevirt.io/monitoring/runbooks/CDIDataVolumeUnusualRestartCount
summary: Cluster has DataVolumes (PVC population request) with an unusual restart count, meaning they are probably failing and need to be investigated
expr: kubevirt_cdi_import_dv_unusual_restartcount_total > 0 or kubevirt_cdi_upload_dv_unusual_restartcount_total > 0 or kubevirt_cdi_clone_dv_unusual_restartcount_total > 0
for: 5m
labels:
kubernetes_operator_component: containerized-data-importer
kubernetes_operator_part_of: kubevirt
operator_health_impact: warning
severity: warning
- alert: CDIStorageProfilesIncomplete
annotations:
runbook_url: https://kubevirt.io/monitoring/runbooks/CDIStorageProfilesIncomplete
summary: Incomplete StorageProfiles exist, accessMode/volumeMode cannot be inferred by CDI for PVC population request
expr: kubevirt_cdi_incomplete_storageprofiles_total > 0
for: 5m
labels:
kubernetes_operator_component: containerized-data-importer
kubernetes_operator_part_of: kubevirt
operator_health_impact: warning
severity: info
- alert: CDIDataImportCronOutdated
annotations:
runbook_url: https://kubevirt.io/monitoring/runbooks/CDIDataImportCronOutdated
summary: DataImportCron (recurring polling of VM templates disk image sources, also known as golden images) PVCs are not being updated on the defined schedule
expr: kubevirt_cdi_dataimportcron_outdated_total > 0
for: 15m
labels:
kubernetes_operator_component: containerized-data-importer
kubernetes_operator_part_of: kubevirt
operator_health_impact: warning
severity: info


@@ -0,0 +1,27 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
openshift.io/cluster-monitoring: ""
prometheus.cdi.kubevirt.io: "true"
name: service-monitor-cdi
namespace: "{{ namespace }}"
spec:
endpoints:
- bearerTokenSecret:
key: ""
port: metrics
scheme: http
tlsConfig:
ca: {}
cert: {}
insecureSkipVerify: true
namespaceSelector:
matchNames:
- "{{ namespace }}"
selector:
matchLabels:
prometheus.cdi.kubevirt.io: "true"
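Review bot: The endpoint sets `insecureSkipVerify: true` under `tlsConfig` while `scheme` is `http`, so metrics are scraped in plaintext today and, if the scheme is later switched to `https`, the server certificate would not be verified. cert-manager is already a declared dependency of this component, so I would either drop the `tlsConfig` block while the endpoint stays on HTTP, or move to `scheme: https` with `insecureSkipVerify: false` and a `ca` reference to the issuing CA. The empty `bearerTokenSecret.key` appears to mean no token is sent either, so access to the `metrics` port should be limited to the monitoring namespace, for example with a NetworkPolicy.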


@@ -0,0 +1,16 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-apiserver
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cdi-apiserver
subjects:
- kind: ServiceAccount
name: cdi-apiserver
namespace: "{{ namespace }}"


@@ -0,0 +1,16 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-cronjob
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cdi-cronjob
subjects:
- kind: ServiceAccount
name: cdi-cronjob
namespace: "{{ namespace }}"


@@ -0,0 +1,16 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-sa
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cdi
subjects:
- kind: ServiceAccount
name: cdi-sa
namespace: "{{ namespace }}"


@@ -0,0 +1,16 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-uploadproxy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cdi-uploadproxy
subjects:
- kind: ServiceAccount
name: cdi-uploadproxy
namespace: "{{ namespace }}"


@@ -0,0 +1,19 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi.kubevirt.io:config-reader
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cdi.kubevirt.io:config-reader
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: Group
name: system:authenticated
- apiGroup: rbac.authorization.k8s.io
kind: Group
name: system:serviceaccount
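Review bot: The second subject names the group `system:serviceaccount`, which is not one of the built-in Kubernetes groups; the group that contains all service accounts is `system:serviceaccounts`, so this entry probably matches nobody. Because `system:authenticated` already includes every service account, read access still works, but the manifest says something different from what it grants. Either correct it to `name: system:serviceaccounts` or drop the subject, and add a comment such as `# every authenticated identity may read cdiconfigs and storageprofiles cluster-wide` so the breadth of the binding is explicit.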


@@ -0,0 +1,67 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-apiserver
rules:
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get
- apiGroups:
- snapshot.storage.k8s.io
resources:
- volumesnapshots
verbs:
- get
- apiGroups:
- cdi.kubevirt.io
resources:
- datavolumes
verbs:
- list
- get
- apiGroups:
- cdi.kubevirt.io
resources:
- datasources
verbs:
- list
- get
- apiGroups:
- cdi.kubevirt.io
resources:
- cdis
verbs:
- get
- apiGroups:
- cdi.kubevirt.io
resources:
- cdis/finalizers
verbs:
- '*'
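Review bot: The `'*'` verb on `cdis/finalizers` grants more than finalizer handling needs; the `cdi` ClusterRole in this same commit uses plain `update` for `persistentvolumeclaims/finalizers`. The same wildcard pattern recurs elsewhere in the commit: the `cdi` ClusterRole gives `'*'` on every resource in `cdi.kubevirt.io` and `snapshot.storage.k8s.io` cluster-wide, the namespaced `cdi-apiserver` Role gives `'*'` on `secrets` and `configmaps`, and the `cdi-deployment` Role gives `'*'` on `configmaps` and `leases`. Wildcards also cover verbs and resources introduced by later API versions, so the grant widens silently on upgrade. If these manifests mirror what the CDI operator generates, a comment saying so is enough; otherwise enumerate the verbs, here `- update`.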


@@ -0,0 +1,18 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-cronjob
rules:
- apiGroups:
- cdi.kubevirt.io
resources:
- dataimportcrons
verbs:
- get
- list
- update


@@ -0,0 +1,16 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-uploadproxy
rules:
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get


@@ -0,0 +1,29 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
rbac.authorization.k8s.io/aggregate-to-admin: "true"
name: cdi.kubevirt.io:admin
rules:
- apiGroups:
- cdi.kubevirt.io
resources:
- datavolumes
verbs:
- '*'
- apiGroups:
- cdi.kubevirt.io
resources:
- datavolumes/source
verbs:
- create
- apiGroups:
- upload.cdi.kubevirt.io
resources:
- uploadtokenrequests
verbs:
- '*'


@@ -0,0 +1,18 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi.kubevirt.io:config-reader
rules:
- apiGroups:
- cdi.kubevirt.io
resources:
- cdiconfigs
- storageprofiles
verbs:
- get
- list
- watch


@@ -0,0 +1,28 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
rbac.authorization.k8s.io/aggregate-to-edit: "true"
name: cdi.kubevirt.io:edit
rules:
- apiGroups:
- cdi.kubevirt.io
resources:
- datavolumes
verbs:
- '*'
- apiGroups:
- cdi.kubevirt.io
resources:
- datavolumes/source
verbs:
- create
- apiGroups:
- upload.cdi.kubevirt.io
resources:
- uploadtokenrequests
verbs:
- '*'


@@ -0,0 +1,32 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
rbac.authorization.k8s.io/aggregate-to-view: "true"
name: cdi.kubevirt.io:view
rules:
- apiGroups:
- cdi.kubevirt.io
resources:
- cdiconfigs
- dataimportcrons
- datasources
- datavolumes
- objecttransfers
- storageprofiles
- volumeimportsources
- volumeuploadsources
- volumeclonesources
verbs:
- get
- list
- watch
- apiGroups:
- cdi.kubevirt.io
resources:
- datavolumes/source
verbs:
- create
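Review bot: This role is aggregated into the built-in `view` ClusterRole through `rbac.authorization.k8s.io/aggregate-to-view: "true"`, yet its last rule grants `create` on `datavolumes/source`, so read-only users receive a write verb. If that subresource is what CDI checks to authorise cloning out of a namespace (worth confirming against the CDI v1.59.0 documentation), then view access to a namespace is enough to copy its disk images elsewhere. Please add a comment above the rule stating that this is intentional, for example `# create on datavolumes/source authorises clone-from; deliberately granted to view`, or keep the rule in the `edit` and `admin` roles only.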


@@ -0,0 +1,134 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- ""
resources:
- persistentvolumes
- persistentvolumeclaims
verbs:
- get
- list
- watch
- create
- update
- delete
- deletecollection
- patch
- apiGroups:
- ""
resources:
- persistentvolumeclaims/finalizers
- pods/finalizers
verbs:
- update
- apiGroups:
- ""
resources:
- pods
- services
verbs:
- get
- list
- watch
- create
- delete
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- create
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
- csidrivers
verbs:
- get
- list
- watch
- apiGroups:
- config.openshift.io
resources:
- proxies
verbs:
- get
- list
- watch
- apiGroups:
- cdi.kubevirt.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- snapshot.storage.k8s.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- list
- watch
- apiGroups:
- scheduling.k8s.io
resources:
- priorityclasses
verbs:
- get
- list
- watch
- apiGroups:
- image.openshift.io
resources:
- imagestreams
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- list
- watch
- apiGroups:
- batch
resources:
- jobs
verbs:
- list
- watch
- apiGroups:
- kubevirt.io
resources:
- virtualmachines/finalizers
verbs:
- update


@@ -0,0 +1,16 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-apiserver
namespace: "{{ namespace }}"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: cdi-apiserver
subjects:
- kind: ServiceAccount
name: cdi-apiserver


@@ -0,0 +1,16 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-deployment
namespace: "{{ namespace }}"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: cdi-deployment
subjects:
- kind: ServiceAccount
name: cdi-sa


@@ -0,0 +1,18 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
prometheus.cdi.kubevirt.io: "true"
name: cdi-monitoring
namespace: "{{ namespace }}"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: cdi-monitoring
subjects:
- kind: ServiceAccount
name: prometheus-k8s
namespace: monitoring
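Review bot: The subject is hard-coded as ServiceAccount `prometheus-k8s` in namespace `monitoring`, while every other namespace in these manifests is templated with `{{ namespace }}`. On a cluster where Prometheus runs under a different name or namespace the binding grants nothing and scraping fails without an obvious error, and the read access to services, endpoints and pods goes to whichever account happens to carry that name. Consider exposing both values as component options, or document the assumption with a comment such as `# assumes Prometheus runs as SA prometheus-k8s in namespace monitoring`.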


@@ -0,0 +1,16 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-uploadproxy
namespace: "{{ namespace }}"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: cdi-uploadproxy
subjects:
- kind: ServiceAccount
name: cdi-uploadproxy


@@ -0,0 +1,17 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-apiserver
namespace: "{{ namespace }}"
rules:
- apiGroups:
- ""
resources:
- secrets
- configmaps
verbs:
- '*'


@@ -0,0 +1,64 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-deployment
namespace: "{{ namespace }}"
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- '*'
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- get
- list
- watch
- create
- update
- delete
- apiGroups:
- batch
resources:
- jobs
verbs:
- create
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- '*'
- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- route.openshift.io
resources:
- routes
verbs:
- get
- list
- watch


@@ -0,0 +1,21 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
prometheus.cdi.kubevirt.io: "true"
name: cdi-monitoring
namespace: "{{ namespace }}"
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- pods
verbs:
- get
- list
- watch


@@ -0,0 +1,16 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-uploadproxy
namespace: "{{ namespace }}"
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get


@@ -0,0 +1,7 @@
apiVersion: scheduling.k8s.io/v1
description: This priority class should be used for KubeVirt core components only.
kind: PriorityClass
metadata:
name: cdi-cluster-critical
preemptionPolicy: PreemptLowerPriority
value: 1000000000


@@ -0,0 +1,8 @@
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
name: cdi-config
namespace: "{{ namespace }}"


@@ -0,0 +1,9 @@
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-apiserver
namespace: "{{ namespace }}"


@@ -0,0 +1,9 @@
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-cronjob
namespace: "{{ namespace }}"


@@ -0,0 +1,9 @@
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-sa
namespace: "{{ namespace }}"


@@ -0,0 +1,9 @@
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
name: cdi-uploadproxy
namespace: "{{ namespace }}"


@@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: cdi-apiserver
name: cdi-api
namespace: "{{ namespace }}"
spec:
ports:
- port: 443
protocol: TCP
targetPort: 8443
selector:
cdi.kubevirt.io: cdi-apiserver
sessionAffinity: None
type: ClusterIP


@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: ""
prometheus.cdi.kubevirt.io: "true"
name: cdi-prometheus-metrics
namespace: "{{ namespace }}"
spec:
ports:
- name: metrics
port: 8080
protocol: TCP
targetPort: metrics
selector:
prometheus.cdi.kubevirt.io: "true"
sessionAffinity: None
type: ClusterIP


@@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: storage
app.kubernetes.io/managed-by: cdi-operator
cdi.kubevirt.io: cdi-uploadproxy
name: cdi-uploadproxy
namespace: "{{ namespace }}"
spec:
ports:
- port: 443
protocol: TCP
targetPort: 8443
selector:
cdi.kubevirt.io: cdi-uploadproxy
sessionAffinity: None
type: ClusterIP


@@ -0,0 +1,124 @@
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/kubevirt-virt-api-certs"
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: virt-api-mutator
name: virt-api-mutator
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachines-mutate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachines-mutator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
reinvocationPolicy: Never
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachines
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineinstances-mutate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineinstances-mutator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
reinvocationPolicy: Never
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineinstances
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /migration-mutate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: migrations-mutator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
reinvocationPolicy: Never
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
resources:
- virtualmachineinstancemigrations
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /vm-clone-mutate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineclones-mutator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
reinvocationPolicy: Never
rules:
- apiGroups:
- clone.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
resources:
- virtualmachineclones
scope: '*'
sideEffects: None
timeoutSeconds: 10


@@ -0,0 +1,537 @@
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/kubevirt-virt-api-certs"
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: virt-api-validator
name: virt-api-validator
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /launcher-eviction-validate
port: 443
failurePolicy: Ignore
matchPolicy: Equivalent
name: virt-launcher-eviction-interceptor.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- '*'
resources:
- pods/eviction
scope: '*'
sideEffects: NoneOnDryRun
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineinstances-validate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineinstances-create-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
resources:
- virtualmachineinstances
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineinstances-validate-update
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineinstances-update-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- UPDATE
resources:
- virtualmachineinstances
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachines-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachine-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachines
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinereplicaset-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinereplicaset-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineinstancereplicasets
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinepool-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinepool-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- pool.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachinepools
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /vmipreset-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinepreset-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineinstancepresets
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /migration-validate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: migration-create-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
resources:
- virtualmachineinstancemigrations
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /migration-validate-update
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: migration-update-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- UPDATE
resources:
- virtualmachineinstancemigrations
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinesnapshots-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinesnapshot-validator.snapshot.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- snapshot.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachinesnapshots
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinerestores-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinerestore-validator.snapshot.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- snapshot.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachinerestores
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineexports-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineexport-validator.export.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- export.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineexports
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineinstancetypes-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineinstancetype-validator.instancetype.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- instancetype.kubevirt.io
apiVersions:
- v1alpha1
- v1alpha2
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineinstancetypes
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineclusterinstancetypes-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineclusterinstancetype-validator.instancetype.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- instancetype.kubevirt.io
apiVersions:
- v1alpha1
- v1alpha2
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineclusterinstancetypes
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachinepreferences-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachinepreference-validator.instancetype.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- instancetype.kubevirt.io
apiVersions:
- v1alpha1
- v1alpha2
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- virtualmachinepreferences
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /virtualmachineclusterpreferences-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: virtualmachineclusterpreference-validator.instancetype.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- instancetype.kubevirt.io
apiVersions:
- v1alpha1
- v1alpha2
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineclusterpreferences
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /status-validate
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: kubevirt-crd-status-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- kubevirt.io
apiVersions:
- v1alpha3
- v1
operations:
- CREATE
- UPDATE
resources:
- virtualmachines/status
- virtualmachineinstancereplicasets/status
- virtualmachineinstancemigrations/status
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /migration-policy-validate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: migration-policy-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- migrations.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- migrationpolicies
scope: '*'
sideEffects: None
timeoutSeconds: 10
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: virt-api
namespace: "{{ namespace }}"
path: /vm-clone-validate-create
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: vm-clone-validator.kubevirt.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- clone.kubevirt.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- virtualmachineclones
scope: '*'
sideEffects: None
timeoutSeconds: 10
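Review bot: The first webhook, `virt-launcher-eviction-interceptor.kubevirt.io`, matches `pods/eviction` for all operations in every namespace (`namespaceSelector: {}`) and uses `failurePolicy: Ignore`, unlike the other entries in this file, which use `Fail`. It therefore fails open: when `virt-api` is unreachable or exceeds the 10-second timeout, evictions proceed without the check, and every eviction in the cluster pays a round trip to `virt-api` in the meantime. That trade-off may well be deliberate so that node drains are never blocked, but it should be written down; I would add a comment above the entry such as `# Ignore: never block node drains; launcher eviction handling is skipped while virt-api is down`. It also makes `virt-api` availability worth alerting on.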


@@ -0,0 +1,19 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/kubevirt-virt-api-certs"
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: virt-api-aggregator
name: v1.subresources.kubevirt.io
spec:
group: subresources.kubevirt.io
groupPriorityMinimum: 1000
service:
name: virt-api
namespace: "{{ namespace }}"
port: 443
version: v1
versionPriority: 15


@@ -0,0 +1,11 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
labels:
kube-aggregator.kubernetes.io/automanaged: "true"
name: v1alpha1.clone.kubevirt.io
spec:
group: clone.kubevirt.io
groupPriorityMinimum: 1000
version: v1alpha1
versionPriority: 100


@@ -0,0 +1,11 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
labels:
kube-aggregator.kubernetes.io/automanaged: "true"
name: v1alpha1.export.kubevirt.io
spec:
group: export.kubevirt.io
groupPriorityMinimum: 1000
version: v1alpha1
versionPriority: 100


@@ -0,0 +1,11 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
labels:
kube-aggregator.kubernetes.io/automanaged: "true"
name: v1alpha1.instancetype.kubevirt.io
spec:
group: instancetype.kubevirt.io
groupPriorityMinimum: 1000
version: v1alpha1
versionPriority: 100


@@ -0,0 +1,11 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
labels:
kube-aggregator.kubernetes.io/automanaged: "true"
name: v1alpha1.migrations.kubevirt.io
spec:
group: migrations.kubevirt.io
groupPriorityMinimum: 1000
version: v1alpha1
versionPriority: 100


@@ -0,0 +1,11 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
labels:
kube-aggregator.kubernetes.io/automanaged: "true"
name: v1alpha1.pool.kubevirt.io
spec:
group: pool.kubevirt.io
groupPriorityMinimum: 1000
version: v1alpha1
versionPriority: 100


@@ -0,0 +1,11 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
labels:
kube-aggregator.kubernetes.io/automanaged: "true"
name: v1alpha1.snapshot.kubevirt.io
spec:
group: snapshot.kubevirt.io
groupPriorityMinimum: 1000
version: v1alpha1
versionPriority: 100


@@ -0,0 +1,11 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
labels:
kube-aggregator.kubernetes.io/automanaged: "true"
name: v1alpha2.instancetype.kubevirt.io
spec:
group: instancetype.kubevirt.io
groupPriorityMinimum: 1000
version: v1alpha2
versionPriority: 100


@@ -0,0 +1,19 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
annotations:
cert-manager.io/inject-ca-from: "{{ namespace }}/kubevirt-virt-api-certs"
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
kubevirt.io: virt-api-aggregator
name: v1alpha3.subresources.kubevirt.io
spec:
group: subresources.kubevirt.io
groupPriorityMinimum: 1000
service:
name: virt-api
namespace: "{{ namespace }}"
port: 443
version: v1alpha3
versionPriority: 15


@@ -0,0 +1,11 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
labels:
kube-aggregator.kubernetes.io/automanaged: "true"
name: v1beta1.instancetype.kubevirt.io
spec:
group: instancetype.kubevirt.io
groupPriorityMinimum: 1000
version: v1beta1
versionPriority: 100


@@ -0,0 +1,209 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
app.kubernetes.io/version: v1.0.1
kubevirt.io: virt-handler
name: virt-handler
namespace: "{{ namespace }}"
spec:
revisionHistoryLimit: 10
selector:
matchLabels:
kubevirt.io: virt-handler
template:
metadata:
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
app.kubernetes.io/version: v1.0.1
kubevirt.io: virt-handler
prometheus.kubevirt.io: "true"
name: virt-handler
spec:
containers:
- args:
- --port
- "8443"
- --hostname-override
- $(NODE_NAME)
- --pod-ip-address
- $(MY_POD_IP)
- --max-metric-requests
- "3"
- --console-server-port
- "8186"
- --graceful-shutdown-seconds
- "315"
- -v
- "2"
command:
- virt-handler
env:
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: MY_POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
image: quay.io/kubevirt/virt-handler@sha256:138dfda5fea8622f3da0d6413fe214fef80c2fd6a6f9533592a0dbfa7e1865b5
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 8443
scheme: HTTPS
initialDelaySeconds: 15
periodSeconds: 45
successThreshold: 1
timeoutSeconds: 10
name: virt-handler
ports:
- containerPort: 8443
name: metrics
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 8443
scheme: HTTPS
initialDelaySeconds: 15
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 10
resources:
requests:
cpu: 10m
memory: 325Mi
securityContext:
privileged: true
seLinuxOptions:
level: s0
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/virt-handler/clientcertificates
name: kubevirt-virt-handler-certs
readOnly: true
- mountPath: /etc/virt-handler/servercertificates
name: kubevirt-virt-handler-server-certs
readOnly: true
- mountPath: /profile-data
name: profile-data
- mountPath: /var/run/kubevirt-libvirt-runtimes
name: libvirt-runtimes
- mountPath: /var/run/kubevirt
mountPropagation: Bidirectional
name: virt-share-dir
- mountPath: /var/lib/kubevirt
name: virt-lib-dir
- mountPath: /var/run/kubevirt-private
name: virt-private-dir
- mountPath: /var/lib/kubelet/device-plugins
name: device-plugin
- mountPath: /pods
name: kubelet-pods-shortened
- mountPath: /var/lib/kubelet/pods
mountPropagation: Bidirectional
name: kubelet-pods
- mountPath: /var/lib/kubevirt-node-labeller
name: node-labeller
- mountPath: /etc/podinfo
name: podinfo
dnsPolicy: ClusterFirst
hostPID: true
initContainers:
- args:
- node-labeller.sh
command:
- /bin/sh
- -c
image: quay.io/kubevirt/virt-launcher@sha256:4c5fce3de2e2589197de72fb0c9436490ea318aca952c05a622c43e067023f35
imagePullPolicy: IfNotPresent
name: virt-launcher
resources: {}
securityContext:
privileged: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/lib/kubevirt-node-labeller
name: node-labeller
nodeSelector:
kubernetes.io/os: linux
priorityClassName: kubevirt-cluster-critical
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: kubevirt-handler
serviceAccountName: kubevirt-handler
terminationGracePeriodSeconds: 30
tolerations:
- key: CriticalAddonsOnly
operator: Exists
volumes:
- name: kubevirt-virt-handler-certs
secret:
defaultMode: 420
optional: true
secretName: kubevirt-virt-handler-certs
- name: kubevirt-virt-handler-server-certs
secret:
defaultMode: 420
optional: true
secretName: kubevirt-virt-handler-server-certs
- emptyDir: {}
name: profile-data
- hostPath:
path: /var/run/kubevirt-libvirt-runtimes
type: ""
name: libvirt-runtimes
- hostPath:
path: /var/run/kubevirt
type: ""
name: virt-share-dir
- hostPath:
path: /var/lib/kubevirt
type: ""
name: virt-lib-dir
- hostPath:
path: /var/run/kubevirt-private
type: ""
name: virt-private-dir
- hostPath:
path: /var/lib/kubelet/device-plugins
type: ""
name: device-plugin
- hostPath:
path: /var/lib/kubelet/pods
type: ""
name: kubelet-pods-shortened
- hostPath:
path: /var/lib/kubelet/pods
type: ""
name: kubelet-pods
- hostPath:
path: /var/lib/kubevirt-node-labeller
type: ""
name: node-labeller
- downwardAPI:
defaultMode: 420
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.annotations['k8s.v1.cni.cncf.io/network-status']
path: network-status
name: podinfo
updateStrategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
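Review bot: Every `hostPath` volume under `volumes` is declared with `type: ""`, which asks for no check before mounting, while both the `virt-handler` container and the `virt-launcher` init container run with `privileged: true` and the pod sets `hostPID: true`. For a pod with this much host access I would make the expectations explicit: `type: Directory` for the kubelet-owned paths `/var/lib/kubelet/pods` and `/var/lib/kubelet/device-plugins`, and `type: DirectoryOrCreate` for the KubeVirt-owned ones, so a wrong node layout fails at mount time rather than later (worth testing on a fresh node). A short comment above the container `securityContext`, such as `# privileged + hostPID: virt-handler works on VM processes and mounts on the node; restrict who can deploy to this namespace`, would help the next reader. The target namespace will also need the Pod Security `privileged` level wherever admission is enforced, which this hunk does not show.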


@@ -0,0 +1,127 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
app.kubernetes.io/name: virt-api
app.kubernetes.io/version: v1.0.1
kubevirt.io: virt-api
name: virt-api
namespace: "{{ namespace }}"
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
kubevirt.io: virt-api
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
app.kubernetes.io/version: v1.0.1
kubevirt.io: virt-api
prometheus.kubevirt.io: "true"
name: virt-api
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: kubevirt.io
operator: In
values:
- virt-api
topologyKey: kubernetes.io/hostname
weight: 1
containers:
- args:
- --port
- "8443"
- --console-server-port
- "8186"
- --subresources-only
- -v
- "2"
command:
- virt-api
image: quay.io/kubevirt/virt-api@sha256:707003b221496b4432da2f507d1e36e528b45888b5d321e06d460f0678da44ae
imagePullPolicy: IfNotPresent
name: virt-api
ports:
- containerPort: 8443
name: virt-api
protocol: TCP
- containerPort: 8443
name: metrics
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /apis/subresources.kubevirt.io/v1/healthz
port: 8443
scheme: HTTPS
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 5m
memory: 500Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/virt-api/certificates
name: kubevirt-virt-api-certs
readOnly: true
- mountPath: /etc/virt-handler/clientcertificates
name: kubevirt-virt-handler-certs
readOnly: true
- mountPath: /profile-data
name: profile-data
dnsPolicy: ClusterFirst
nodeSelector:
kubernetes.io/os: linux
priorityClassName: kubevirt-cluster-critical
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
serviceAccount: kubevirt-apiserver
serviceAccountName: kubevirt-apiserver
terminationGracePeriodSeconds: 30
tolerations:
- key: CriticalAddonsOnly
operator: Exists
volumes:
- name: kubevirt-virt-api-certs
secret:
defaultMode: 420
optional: true
secretName: kubevirt-virt-api-certs
- name: kubevirt-virt-handler-certs
secret:
defaultMode: 420
optional: true
secretName: kubevirt-virt-handler-certs
- emptyDir: {}
name: profile-data
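Review bot: Both secret volumes at the end of the pod spec, `kubevirt-virt-api-certs` and `kubevirt-virt-handler-certs`, are marked `optional: true`, so the kubelet starts the container even when the secrets do not exist and `/etc/virt-api/certificates` is mounted empty. How virt-api behaves without its serving certificate is not visible here, but for the component behind the aggregated `subresources.kubevirt.io` API a missing certificate is better surfaced as a pod stuck in ContainerCreating than discovered at the first TLS handshake. Unless something is known to create the secrets after the pod starts, consider `optional: false` on both volumes. The virt-handler DaemonSet and the virt-controller Deployment in this commit declare their certificate secrets the same way.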


@@ -0,0 +1,135 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
app.kubernetes.io/name: virt-controller
app.kubernetes.io/version: v1.0.1
kubevirt.io: virt-controller
name: virt-controller
namespace: "{{ namespace }}"
spec:
progressDeadlineSeconds: 600
replicas: 2
revisionHistoryLimit: 10
selector:
matchLabels:
kubevirt.io: virt-controller
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
app.kubernetes.io/component: kubevirt
app.kubernetes.io/managed-by: virt-operator
app.kubernetes.io/version: v1.0.1
kubevirt.io: virt-controller
prometheus.kubevirt.io: "true"
name: virt-controller
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: kubevirt.io
operator: In
values:
- virt-controller
topologyKey: kubernetes.io/hostname
weight: 1
containers:
- args:
- --launcher-image
- quay.io/kubevirt/virt-launcher@sha256:4c5fce3de2e2589197de72fb0c9436490ea318aca952c05a622c43e067023f35
- --exporter-image
- quay.io/kubevirt/virt-exportserver@sha256:73311f79a9c71007f8572b3cc40cd6f6da404c7ef0a9c6509fb717d979546582
- --port
- "8443"
- -v
- "2"
command:
- virt-controller
image: quay.io/kubevirt/virt-controller@sha256:0789fafed2913b35a771e3db882748502b3250be04ece86d97f30201779b4e54
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 8
httpGet:
path: /healthz
port: 8443
scheme: HTTPS
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
name: virt-controller
ports:
- containerPort: 8443
name: metrics
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /leader
port: 8443
scheme: HTTPS
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10
resources:
requests:
cpu: 10m
memory: 275Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/virt-controller/certificates
name: kubevirt-controller-certs
readOnly: true
- mountPath: /etc/virt-controller/exportca
name: kubevirt-export-ca
readOnly: true
- mountPath: /profile-data
name: profile-data
dnsPolicy: ClusterFirst
nodeSelector:
kubernetes.io/os: linux
priorityClassName: kubevirt-cluster-critical
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
serviceAccount: kubevirt-controller
serviceAccountName: kubevirt-controller
terminationGracePeriodSeconds: 30
tolerations:
- key: CriticalAddonsOnly
operator: Exists
volumes:
- name: kubevirt-controller-certs
secret:
defaultMode: 420
optional: true
secretName: kubevirt-controller-certs
- name: kubevirt-export-ca
secret:
defaultMode: 420
optional: true
secretName: kubevirt-export-ca
- emptyDir: {}
name: profile-data
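Review bot: The `--launcher-image` argument repeats the `quay.io/kubevirt/virt-launcher@sha256:…` reference that the virt-handler DaemonSet uses for its init container, and the `v1.0.1` version label is hard-coded alongside it in three manifests. Pinning by digest is the right choice, but with the digest copied into several files an upgrade that misses one copy leaves the controller launching VMs with a different launcher build than the one the node daemon was prepared with. Since the files are already templated for `{{ namespace }}`, I would take the image references and version from template variables as well (name of your choosing, e.g. `- "{{ virt_launcher_image }}"`), defined once next to the namespace.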
